Vulnerability Description
Cleartext Transmission in set-cookie:ecos_pw: Tenda N301 v6.0, Firmware v12.02.01.61_multi allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tenda | N301 Firmware | 12.03.01.06_pt |
| Tenda | N301 | 6.0 |
Related Weaknesses (CWE)
References
- https://medium.com/%400ta/tenda-n301-v6-cve-2023-29680-cve-2023-29681-a40f7ae6dc
- https://www.youtube.com/watch?v=m7ZHfFcSKpU&ab_channel=0taExploit
- https://medium.com/%400ta/tenda-n301-v6-cve-2023-29680-cve-2023-29681-a40f7ae6dc
- https://www.youtube.com/watch?v=m7ZHfFcSKpU&ab_channel=0taExploit
FAQ
What is CVE-2023-29680?
CVE-2023-29680 is a vulnerability with a CVSS score of 5.7 (MEDIUM). Cleartext Transmission in set-cookie:ecos_pw: Tenda N301 v6.0, Firmware v12.02.01.61_multi allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain th...
How severe is CVE-2023-29680?
CVE-2023-29680 has been rated MEDIUM with a CVSS base score of 5.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-29680?
Check the references section above for vendor advisories and patch information. Affected products include: Tenda N301 Firmware, Tenda N301.