← All stories
● Covered by 1 source Β· 1 reportHigh impact

CERT/CC Issues Warning Over Backdoor in Tenda Router Firmware

Aggregated by BrevFeed security Β· updated 1h ago
πŸ”– Save

CERT/CC has uncovered an undocumented backdoor in multiple Tenda router firmware versions, allowing unauthorized administrative access. This vulnerability, tracked as CVE-2026-11405, poses significant security risks as attackers can bypass authentication and control devices remotely.

Key points

Discovery of the Vulnerability

The CERT Coordination Center (CERT/CC) has warned about an undocumented authentication backdoor present in several Tenda router firmware versions. The vulnerability, tracked as CVE-2026-11405, could allow attackers to gain full administrative control without valid credentials.

Technical Details

The backdoor is located within the 'login()' function of the '/bin/httpd' web server binary. It initially uses MD5 for password verification but subsequently allows a different code path if this process fails, leading to unauthorized administrative access. The method fetches a hidden password from the device's configuration and performs a plaintext comparison, ignoring valid username checks.

Impact of the Vulnerability

The presence of this backdoor enables complete control over the router's web management interface. An attacker could alter settings, disable security features, or fully take control of the device, presenting serious risks to network security for users.

Current Status and Recommendations

As of now, the vulnerability remains unpatched. Users of affected Tenda router firmware versions are recommended to disable remote management features and change the default LAN IP address to mitigate potential exploitation risks. Tenda has been contacted for further comments regarding this issue.

✨ This summary was generated by AI from the outlets' reporting listed below. It is not independently verified and may contain errors β€” check the original sources. How BrevFeed works β†’

Primary sources

CVE CVE-2026-11405 CVE CVE-2026-552008.1 HIGH CVE CVE-2026-468179.8 CRITICAL

Reporting from

CERT/CC has uncovered an undocumented backdoor in multiple Tenda router firmware versions, allowing unauthorized administrative access. This vulnerability, tracked as CVE-2026-11405, poses significant security risks as attackers can bypass authentication and control devices remotely.