CVE-2023-29681
https://notcve.org/view.php?id=CVE-2023-29681
Cleartext Transmission in cookie:ecos_pw: in Tenda N301 v6.0, firmware v12.03.01.06_pt allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password. • https://medium.com/%400ta/tenda-n301-v6-cve-2023-29680-cve-2023-29681-a40f7ae6dc62 https://www.youtube.com/watch?v=Xy9_hmpvvA4&ab_channel=0ta • CWE-319: Cleartext Transmission of Sensitive Information •
CVE-2023-29680
https://notcve.org/view.php?id=CVE-2023-29680
Cleartext Transmission in set-cookie:ecos_pw: Tenda N301 v6.0, Firmware v12.02.01.61_multi allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password. • https://medium.com/%400ta/tenda-n301-v6-cve-2023-29680-cve-2023-29681-a40f7ae6dc62 https://www.youtube.com/watch?v=m7ZHfFcSKpU&ab_channel=0ta • CWE-319: Cleartext Transmission of Sensitive Information •
CVE-2019-16288
https://notcve.org/view.php?id=CVE-2019-16288
On Tenda N301 wireless routers, a long string in the wifiSSID parameter of a goform/setWifi POST request causes the device to crash. En los enrutadores inalámbricos Tenda N301, una cadena larga en el parámetro wifiSSID de una petición POST goform/setWifi causa que el dispositivo se bloquee. • https://pastebin.com/yu8hPE8w •