Hasty Briefsbeta

Bilingual

Tenda firmware (multiple versions) contains hidden authentication backdoor

6 hours ago
  • #security-vulnerability
  • #router-backdoor
  • #cve-2026-11405
  • Tenda firmware versions contain an undocumented authentication backdoor allowing administrative access without valid credentials.
  • An attacker can bypass password verification via the backdoor, tracked as CVE-2026-11405, to gain full control.
  • Affected devices include specific firmware versions of US_FH1201, US_W15E, US_AC10, US_AC5, and US_AC6.
  • The backdoor involves a login() function in /bin/httpd that retrieves an alternate password via GetValue("sys.rzadmin.password").
  • Successful strcmp() match with the backdoor password grants admin access (role=2) regardless of username.
  • Exploitation enables device reconfiguration, network alteration, and security feature disablement.
  • No patch is available; mitigation includes disabling remote management and restricting local network exposure.