Vulnerabilities > Tenda
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-10-23 | CVE-2014-7281 | Cross-Site Request Forgery (CSRF) vulnerability in Tenda A32 and A32 Firmware Cross-site request forgery (CSRF) vulnerability in Shenzhen Tenda Technology Tenda A32 Router with firmware 5.07.53_CN allows remote attackers to hijack the authentication of administrators for requests that reboot the device via a request to goform/SysToolReboot. | 6.8 |
| 2014-08-22 | CVE-2014-5246 | Permissions, Privileges, and Access Controls vulnerability in Tenda A5S and A5S Firmware The Shenzhen Tenda Technology Tenda A5s router with firmware 3.02.05_CN allows remote attackers to bypass authentication and gain administrator access by setting the admin:language cookie to zh-cn. | 10.0 |