V-Help
← All news
Security

Tenda Router Vulnerability Grants Passwordless Admin Access: Manufacturer Ignores Issue

Tenda Router Vulnerability Grants Passwordless Admin Access: Manufacturer Ignores Issue

Photo: Tom's Hardware

Quick answer

A hidden backdoor (CVE-2026-11405) in Tenda routers grants administrative access without a password through an undocumented authentication mechanism in the firmware.

Cybersecurity experts at CERT Coordination Center (CERT/CC) have identified a critical vulnerability in the firmware of routers manufactured by Chinese company Tenda. Tracked as CVE-2026-11405, the flaw is a hidden backdoor that allows attackers to bypass standard authentication and gain administrative access to the device without entering a password.

The issue affects multiple router models, including FH1201, W15E, AC10, AC5, and AC6. CERT/CC’s report notes that the list of vulnerable devices may be broader, as the manufacturer has not provided official data. The vulnerability stems from an undocumented authentication mechanism that activates after a failed login attempt using the default password.

Exploiting this flaw enables attackers to gain full control over the router, including the ability to modify network settings, hijack DNS servers, disable security features, and create new user accounts. This poses significant risks to both home and corporate networks, as the router serves as the gateway between local devices and the internet.

Despite warnings from CERT/CC, Tenda has not released any patches to address the vulnerability. Experts recommend users disable remote router management and restrict access to the admin panel from the local network to reduce attack risk. Changing the router’s IP address may also hinder detection by automated scanners, though it does not protect against targeted attacks.

The manufacturer’s lack of response highlights growing regulatory concerns about the security of networking equipment, particularly devices manufactured abroad. Such vulnerabilities can be exploited to build botnets or launch targeted attacks on corporate and private user infrastructure.

Common questions

Which Tenda router models are affected by the vulnerability?
The vulnerability impacts models FH1201, W15E, AC10, AC5, and AC6. The list may be incomplete, as the manufacturer has not confirmed all vulnerable devices.
How does the Tenda router vulnerability work?
The firmware contains an undocumented authentication mechanism that allows access to the admin panel without entering the correct password. Attackers only need to know the hidden password stored in the system.
What do experts recommend to mitigate the Tenda router vulnerability?
CERT/CC advises disabling remote router management and restricting access to the admin panel from the local network. This reduces the risk of exploitation by malicious actors.
Share:

Dzen feed: /feed/dzen.xml · RSS: /feed.xml

Why trust this

Prepared by the V-Help editorial team from the primary source with a published date.

Published by: V-Help.ru news desk

Source: Tom's Hardware