VU#213560: Tenda firmware (mul... Note

VU#213560: Tenda firmware (multiple versions) contains hidden authentication backdoor

Multiple Tenda firmware versions contain a critical undocumented authentication backdoor. This vulnerability, identified as CVE-2026-11405, allows attackers to bypass password verification entirely. The backdoor resides within the /bin/httpd web server binary's login function. It first attempts standard MD5 password verification. If that fails, it retrieves a secret password from the device configuration. The system then performs a direct plaintext comparison of the entered password against this secret value. Crucially, the username is never validated in this backdoor path. Successful exploitation grants full administrative access, overriding any configured credentials. Attackers can then reconfigure the device, modify network settings, and disable security measures. As of now, Tenda has not provided a patch for this vulnerability. Mitigation strategies include disabling remote management and restricting local network exposure by changing the default LAN IP address.