Find notable cyber news and cases, enriched with sources, timelines, and signals.

CERT/CC Tenda router backdoor mitigation

Advisory/Mitigation
First reported
Last updated
Happening score
H score 31
1 unique sources, 1 articles

Summary

Hide ▲

CERT/CC issued interim mitigation for Tenda firmware after disclosure of CVE-2026-11405, advising users to disable remote management and change the default LAN IP address to reduce exposure to the hidden admin backdoor. The guidance targets devices that could otherwise be found by automated scanners and reached without valid credentials.

Related Happenings

Tenda firmware hidden admin backdoor security flaw (CVE-2026-11405)

Vulnerability
H score33 First: 07.07.2026 09:40 Last: 07.07.2026 09:40 Sources 1

How related: "An attacker can exploit this vulnerability, tracked as CVE-2026-11405, to bypass the password verification process and obtain full administrative control without valid credentials," the CERT/CC said in an alert.

About this happening: An **undocumented authentication backdoor** in **Tenda firmware** now exposes multiple router builds to **full administrative takeover without valid credentials**. The flaw is tra...

Timeline

  1. 07.07.2026 09:40 2 articles · 2d ago

    CERT/CC warns of hidden admin backdoor in Tenda router firmware

    Initial Disclosure

    CERT/CC warned that several Tenda router firmware versions contain an undocumented authentication backdoor in the /bin/httpd login() path, tracked as CVE-2026-11405, that can bypass password verification and grant full administrative control without valid credentials. CERT/CC also advised users to disable remote management on the device and change the default LAN IP address to reduce exposure to opportunistic scanning and remote abuse.

    Show sources