importantSYS.SOURCE: The Hacker News• 2026-07-07T12:10:47+05:30
CERT/CC Alerts on Undocumented Administrative Backdoor in Tenda Router Firmware
#Router Security#Firmware Security#Backdoor#CVE-2026-11405
The CERT Coordination Center warned that several versions of Tenda router firmware contain an undocumented authentication backdoor allowing administrative access without valid credentials. This vulnerability (CVE-2026-11405) permits attackers to bypass password checks and achieve full control over the device.
Several versions of firmware released by Chinese network device manufacturer Tenda have been found to embed an undocumented authentication backdoor that enables administrative access to the devices' web management interfaces, the CERT Coordination Center (CERT/CC) warned Monday.
"An attacker can exploit this vulnerability, tracked as CVE-2026-11405, to bypass the password verification process
*** END OF TRANSMISSION ***