cbcvebase.
CVE-2022-42233
published 2022-10-20

CVE-2022-42233: Tenda 11N with firmware version V5.07.33_cn suffers from an Authentication Bypass vulnerability.

Priority P276, critical, 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 42.70% (98.5th percentile)

Affected

1 range

Vendor | Product | Version range | Fixed in
tenda | 11n_firmware | - | -

Detection & IOCs (extracted from sources)

cookie: admin
url: /index.asp
  • Exploit sends a GET request to /index.asp with only 'Cookie: admin' set (no value); a vulnerable device responds HTTP 200 with body containing both 'def_wirelesspassword' and 'Tenda 11N', and a response header containing 'GoAhead-Webs'.
  • Response body keywords confirming successful authentication bypass: 'def_wirelesspassword' AND 'Tenda 11N' (case-insensitive).
  • Server header 'GoAhead-Webs' in the HTTP response identifies the vulnerable Tenda 11N web server.
  • Shodan queries to identify exposed Tenda 11N devices: http.title:"Tenda 11N" or http.title:"tenda 11n".
  • FOFA queries to identify exposed Tenda 11N devices: product=="Tenda-11N-Wireless-AP" or title="tenda 11n".
  • Vulnerability is specific to Tenda 11N firmware version V5.07.33_cn only; other firmware versions may not be affected.