CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-46434: Tenda W18E V16.01.0.8(1625) suffers from authentication bypass in the web management portal allowing an unauthorized remote attacker to gain...

Description

Tenda W18E V16.01.0.8(1625) suffers from authentication bypass in the web management portal allowing an unauthorized remote attacker to gain administrative access by sending a specially crafted HTTP request.

Classification

CVE ID: CVE-2024-46434

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.88% (scored less or equal to compared to others)

EPSS Date: 2025-03-11 (when was this score calculated)

References

https://reddassolutions.com/blog/tenda_w18e_security_research

Timeline

2025-02-11 00:32:57 UTC
CVE

Tenda W18E V16.01.0.8(1625) suffers from authentication bypass in the web management portal allowing an unauthorized remote attacker to gain...