CVE-2014-5246

Published: Aug 22, 2014Modified: May 6, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

The Shenzhen Tenda Technology Tenda A5s router with firmware 3.02.05_CN allows remote attackers to bypass authentication and gain administrator access by setting the admin:language cookie to zh-cn.

Affected (2)

Products: Tenda: A5s Firmware, A5s

Tenda

2 products

A5s Firmware

A5s

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Tenda A5s Firmware	Version 3.02.05_cn
Tenda A5s	All versions

Related CWEs

CWE-264

References (10)

http://osvdb.org/show/osvdb/110146

Source: cve@mitre.org

http://packetstormsecurity.com/files/127905/Tenda-A5s-Router-Authentication-Bypass.html

Source: cve@mitre.org

Exploit

http://www.exploit-db.com/exploits/34361

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/bid/69267

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/95337

Source: cve@mitre.org

http://osvdb.org/show/osvdb/110146