CVE-2018-25317 | Tenda W3002R/A302/W309R wireless routers version V5.07.64_en… | CVSS 9.8 CRITICAL

Description

Tenda W3002R/A302/W309R wireless routers version V5.07.64_en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted admin language cookie to change primary and secondary DNS servers, redirecting user traffic to malicious DNS servers.

Metadata

CVE ID: CVE-2018-25317
State: PUBLISHED
Assigner: VulnCheck
Reserved: 2026-04-29 12:27 UTC
Published: 2026-04-29 19:24 UTC
Last updated: 2026-04-30 14:11 UTC
Primary CWE: CWE-290
Authentication Bypass by Spoofing
Vendor / Product: Tenda / W3002R
Sources: cve.org · NVD

Severity & Metrics

9.8 CRITICAL CVSS 3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC — CISA Coordinator

Exploitation: PoC
Automatable: yes
Tech. Impact: total

Affected products (1)

Vendor	Product	Platform	Versions
Tenda	W3002R	—	5.07.64

Weakness (CWE)

CWE	Source	Description
CWE-290	cna	Authentication Bypass by Spoofing

CVSS scores (2)

Score	Severity	Version	Source	Vector
9.8	CRITICAL	3.1	cna	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3	CRITICAL	4.0	cna	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

References (2)

ExploitDB-44380 https://www.exploit-db.com/exploits/44380
VulnCheck Advisory: Tenda W3002R/A302/W309R V5.07.64_en Cookie Session Weakness DNS Change https://www.vulncheck.com/advisories/tenda-w3002r-a302-w309r-64-en-cookie-session-weakness-dns-change