Critical Backdoor in Tenda Firmware Exposes Devices to Unauthorized Access

Critical Backdoor in Tenda Firmware Exposes Devices to Unauthorized Access

First seen 7 Jul 2026, 12:27 UTC Kb.CertThehackernewsCybersecuritynewsSecurityaffairs.Cowww.cve.org 83% similarity 69.8

Article Content

Browse articles
ThreatCluster

A serious vulnerability in multiple Tenda firmware versions has been disclosed, allowing attackers to exploit an undocumented authentication backdoor, tracked as CVE-2026-11405. This flaw enables unauthorized users to gain full administrative access to affected devices, including models FH1201, W15E, AC10, AC5, and AC6. The backdoor bypasses normal password verification, allowing any username paired with a specific hidden password to succeed. Currently, there is no patch available, and the vendor has not responded to requests for coordination. Users are advised to disable remote management and restrict local network exposure as mitigation strategies. The vulnerability was published by CERT/CC on July 6, 2026, and poses a significant risk to network security.

Key Points: • Tenda firmware contains a critical backdoor allowing full admin access without valid credentials. • The vulnerability affects multiple router models and is tracked as CVE-2026-11405. • No patch is available; users should disable remote management to mitigate risks.

ThreatCluster AI

Timeline

2026-07-06
CVE-2026-11405 published
CERT/CC disclosed a vulnerability in Tenda firmware that allows unauthorized admin access via a hidden backdoor.
Kb.Cert

Community

Browse all →