CNNVD-202601-1632 Information

CNNVD ID

CNNVD-202601-1632

Related CVE

CVE-2026-22082

• CNNVD Published: 2026-01-09

Description (Chinese)

Tenda N300是中国腾达（Tenda）公司的一款路由器。 Tenda N300存在授权问题漏洞，该漏洞源于使用登录凭据作为会话ID，可能导致远程攻击者拦截网络流量并在不安全的传输过程中捕获会话ID，从而劫持经过身份验证的会话。

Description (English)

Tenda N300 is a router for Tenda China. There is a mandate gap in Tenda N300, which stems from the use of login documents as a session ID, which may lead to remote assailants intercepting network traffic and capturing a session ID during unsafe transmissions, thus hijacking an identified session.

Hazard Level

Medium

Vulnerability Type

授权问题

Affected Vendor

腾达

Published

2026-01-09

Last Modified

2026-02-24

References

https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2026-0004

Patch

https://www.tendacn.com/in/material/show/724624313163845