Security News Tenda Authentication Backdoor Grants Attackers Full Administrative Access

Parkinsond

Level 63
Thread author
Verified
Top Poster
Well-known
Dec 6, 2023
5,155
16,057
6,169
A newly disclosed vulnerability in Tenda network devices exposes a critical authentication backdoor that allows attackers to gain full administrative access without valid credentials.

The flaw affects multiple firmware versions across several Tenda router models, including the FH1201, W15E, AC10, AC5, and AC6 series.

These routers are widely used in home and small business environments, where they rely on web-based management interfaces secured by username and password authentication.

 
  • Like
Reactions: Khushal
Again, need enabling "remote management" by some ignorant user missing aroud with the router settings 😂
You're conflicting WAN with LAN.

CVE-2026-11405 backdoor explicitly notes that disabling remote management only prevents attackers on "external networks" from acessing the administrative dasboard over the internet.

If the attacker is on the cafe Wi-Fi, they are already on the Local Area Network (LAN). They do not need 'Remote Management' enabled to access the router's local gateway IP. The CVE-2026-11405 backdoor grants full administrative control over the local web management interface, allowing an attacker already inside the network to take over the router and execute the exact Man-in-the-Middle attacks we were discussing.

You proved my point again: connecting to a public Wi-Fi puts you behind the firewall with potential attackers, entirely bypassing the need for remote WAN management.