CERT/CC Vulnerability Note VU#213560
- Overview Several versions of Tenda firmware contain an undocumented authentication backdoor that grants administrative access to the devices' web management interfaces.
- An attacker can expoit this vulnerability, tracked as CVE-2026-11405, to bypass the password verification process and obtain full administrative control without valid credentials.
- Affected Versions: * US_FH1201V1.0BR_V1.2.0.14(408)_EN_TD * US_W15EV1.0br_V15.11.0.5(1068_1567_841)_EN_TDE * US_AC10V1.0re_V15.03.06.46_multi_TDE01 * US_AC5V1.0RTL_V15.03.06.48_multi_TDE01 * US_AC6V2.0RTL_V15.03.06.51_multi_T Description Tenda is a su
Unverified
- Overview Several versions of Tenda firmware contain an undocumented authentication backdoor that grants administrative access to the devices' web management interfaces.
- An attacker can expoit this vulnerability, tracked as CVE-2026-11405, to bypass the password verification process and obtain full administrative control without valid credentials.
- Affected Versions: * US_FH1201V1.0BR_V1.2.0.14(408)_EN_TD * US_W15EV1.0br_V15.11.0.5(1068_1567_841)_EN_TDE * US_AC10V1.0re_V15.03.06.46_multi_TDE01 * US_AC5V1.0RTL_V15.03.06.48_multi_TDE01 * US_AC6V2.0RTL_V15.03.06.51_multi_T Description Tenda is a su
Sources: Cert