Password Exposure Vulnerability in Tenda AC1200 Router by Tenda
CVE-2022-40845

6.5MEDIUM

Key Information:

Vendor: Tenda
Status: W15e Firmware
Vendor: CVE Published:; 15 November 2022

What is CVE-2022-40845?

The Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576) is susceptible to a password exposure vulnerability. This issue arises from inadequate session management and improper authorization processes. An attacker with access to the router could exploit this vulnerability to access sensitive information that should otherwise remain protected. It is crucial for users of this router model to take preventive actions to secure their network and sensitive data.

References

https://boschko.ca/tenda_ac1200_router/

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 15, 2022
Vulnerability Reserved
Sep 19, 2022