CVE-2014-5246 Information

Description

The Shenzhen Tenda Technology Tenda A5s router with firmware 3.02.05_CN allows remote attackers to bypass authentication and gain administrator access by setting the admin:language cookie to zh-cn.

Reference

http://osvdb.org/show/osvdb/110146 http://packetstormsecurity.com/files/127905/Tenda-A5s-Router-Authentication-Bypass.html http://www.exploit-db.com/exploits/34361 http://www.securityfocus.com/bid/69267 https://exchange.xforce.ibmcloud.com/vulnerabilities/95337