Tenda 300Mbps Wireless Router F3
Moderate fix1 remedy
cpe:2.3:h:tenda:f3:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
- V12.01.01.41
- V12.01.01.42
- V12.01.01.48
- V12.01.01.52
- V12.01.01.55
- V03.03.01.40
Tenda Wireless Routers Insecure Session ID Management Vulnerability
Vulnerability
Patched
A vulnerability exists in Tenda wireless routers, specifically the 300Mbps Wireless Router F3 and the N300 Easy Setup Router, due to the use of login credentials as the session ID in the web-based administrative interface. This flaw allows remote attackers to intercept network traffic, capture the session ID during transmission, and hijack authenticated sessions. Exploitation of this vulnerability could lead to unauthorized access to sensitive configuration information on the affected device.
Impact
Successful exploitation allows interception of session IDs, enabling hijacking of authenticated sessions and access to sensitive router configuration.
Remediation
Users are advised to apply the updates mentioned by the vendor. For more information, visit the Tenda India website.
Added: Jan 9, 2026, 1:03 PM
Updated: Jan 9, 2026, 1:03 PM
Vulnerability Rating
Custom Algorithm
spread
6.8impact
5.0exploitability
4.5remediation
7.7relevance
2.0threat
0.0urgency
2.9incentive
0.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.