| Tenda firmware (multiple versions) contains hidden authentication backdoor(kb.cert.org) | |
| 242 points by miniBill 12 hours ago | 78 comments | |
tl;dr: Multiple Tenda router firmware versions contain a hardcoded authentication backdoor (CVE-2026-11405) in the httpd binary's login() function: if normal MD5 password auth fails, it falls back to a plaintext strcmp against a value stored in `sys.rzadmin.password`, granting admin-level access with any username. The vendor could not be reached, so no patch exists; recommended mitigations are disabling remote management and changing the default LAN IP. | |
HN Discussion:
| |