Security Advisory

CVE-2024-46430

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-10 00:00:00

Last updated 2025-02-10 21:47:12

Assigner mitre

State PUBLISHED

Description

Tenda W18E V16.01.0.8(1625) is vulnerable to Incorrect Access Control. Unauthorized password change via the web management portal allows an unauthenticated remote attacker to change the administrator password by sending a specially crafted HTTP POST request to the setLoginPassword function, bypassing the authentication mechanism.

← Browse all CVEs View on cve.org ↗