IQID:25092 Tenda AC1200 W15Ev2 - Improper Authorization (CVE-2022-40843) S

IQID:25092 Tenda AC1200 W15Ev2 - Improper Authorization (CVE-2022-40843) S

IQID: 25092 - November 2022

The Tenda AC1200 V-W15Ev2 router is affected by improper authorization/improper session management. The software does not perform or incorrectly perform an authorization check when a user attempts to access a resource or perform an action. This allows the router's login page to be bypassed. The improper validation of user sessions/authorization can lead to unauthenticated attackers having the ability to read the router's syslog.log file, which contains the MD5 password of the Administrator's user account. This vulnerability exists within the local web and hosted remote management console. The vulnerability affects version V15.11.0.10(1576).

A Full Description is available for this threat, please sign in for access to Full Description.

Attack Data

Attack Data is available for this threat, please sign in for access to Attack Data.

CVSS Information

CVSS Information is available for this threat, please sign in for access to CVSS Information.

Date

Date Information is available for this threat, please sign in for access to Date Information.

External Resources

External resources are available for this threat, please sign in for access to external resources.

Security Rule

A security rule is available to identify this threat, please sign in for access to security rules.

Permalink

Link directly to this page.

http://www.idappcom.com/db/?25092

© 2024 by IDappcom. Privacy policy. IDappcom Ltd, 6 Rural Enterprise Centre, Ludlow, Shropshire, SY8 1FF.