|
| Description: | | The Tenda AC1200 V-W15Ev2 router is affected by improper authorization/improper session management. The software does not perform or incorrectly perform an authorization check when a user attempts to access a resource or perform an action. This allows the router's login page to be bypassed. The improper validation of user sessions/authorization can lead to unauthenticated attackers having the ability to read the router's syslog.log file, which contains the MD5 password of the Administrator's user account. |
|
| Impact: | | Unauthenticated attackers can bypass authentication and access sensitive system logs containing administrator credentials, leading to complete device compromise. |
|
| Affected OS: | | Network Device |
|
| Reference: | | https://nvd.nist.gov/vuln/detail/CVE-2022-40843
|
|