Vulnerabilities > CVE-2022-40843 - Unspecified vulnerability in Tenda W15E Firmware 15.11.0.10(1576)

CVSS 4.9 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

tenda

NVD

Published: 2022-11-15

Updated: 2023-08-08

Summary

The Tenda AC1200 V-W15Ev2 V15.11.0.10(1576) router is vulnerable to improper authorization / improper session management that allows the router login page to be bypassed. This leads to authenticated attackers having the ability to read the routers syslog.log file which contains the MD5 password of the Administrator's user account.

Vulnerable Configurations

Part	Description	Count
OS	Tenda Tenda W15E Firmware 15.11.0.10\(1576\)	1
Hardware	Tenda Tenda Ac1200 V W15Ev2 -	1

References

https://boschko.ca/tenda_ac1200_router/