Details of VAR-202409-2177

ID

VAR-202409-2177

TITLE

tenda A32 wireless router management interface authentication bypass vulnerability

Trust: 0.6

sources: CNVD: CNVD-2014-05490

DESCRIPTION

There is a security vulnerability in the web management interface of tenda A32 wireless router. By modifying cookies to specific values, the user name and password authentication can be bypassed to directly obtain administrator operation permissions and manage the router.

Trust: 0.6

sources: CNVD: CNVD-2014-05490

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2014-05490

AFFECTED PRODUCTS

vendor:

model:

tenda technology co.,ltd. a32

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2014-05490

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2014-05490
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2014-05490
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2014-05490

EXTERNAL IDS

db:

CNVD

id:

CNVD-2014-05490

Trust: 0.6

sources: CNVD: CNVD-2014-05490

SOURCES

db:

CNVD

id:

CNVD-2014-05490

LAST UPDATE DATE

2024-10-18T04:03:35.184000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2014-05490

date:

2014-09-09T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2014-05490

date:

2024-09-01T00:00:00