CVE

CVE-2018-25318

0field notes · 1digest CVSS 9.8

Daily digests

Tenda FH303/A300 routers on firmware V5.07.68_EN don't properly validate session cookies. An unauthenticated attacker on the network can send a crafted request to the DNS settings endpoint and redirect all client traffic through a malicious DNS server. No login required.

Daily Digest · Apr 30, 2026
ksmbd RCE (9.8) + Wazuh cluster write-to-RCE

CVE-2018-25318

ksmbd RCE (9.8) + Wazuh cluster write-to-RCE