CVE-2018-25317

Tenda W3002R/A302/W309R V5.07.64_en Cookie Session Weakness DNS Change

CVSS 9.3 CRITICALEPSS 0.7%CWE-290

Vexday Risk Score

48Attention

SSVC decision (CISA)

Attend

PoC available → attend closely

CVSS 9.3EPSS 0.7%KEV nãoPoC públicaNuclei —Metasploit —Patch —

Lifecycle

29 Apr 2026Published on NVD

Recommendation: Plan a near-term fix — a public PoC already exists.

Tenda W3002R/A302/W309R wireless routers version V5.07.64_en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted admin language cookie to change primary and secondary DNS servers, redirecting user traffic to malicious DNS servers.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products

Tenda · W3002R

public PoCs found — 1

cve_referencewww.exploit-db.com/exploits/44380unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.exploit-db.com/exploits/44380 https://www.vulncheck.com/advisories/tenda-w3002r-a302-w309r-64-en-cookie-session-weakness-dns-change