ShellCodeX Intelligence Brief
CRITICAL
Vulnerabilities
CERT/CC flags hidden admin backdoor in Tenda router firmware (CVE-2026-11405)
Source headline: CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware
Threat level
Critical
Signal strength
85/100
Source confidence
1 source
Published
2 hours ago
Intelligence Summary
CERT Coordination Center (CERT/CC) says certain Tenda router firmware versions contain an undocumented authentication backdoor. The backdoor can be abused to bypass password verification and gain administrative access to the web management interface. The issue is tracked as CVE-2026-11405. Successful exploitation could allow attackers to change router settings, monitor traffic, or pivot deeper into local networks. Owners of affected Tenda devices should check for available firmware updates and restrict access to management interfaces until patched.
Recommended Action
Prioritize immediate review, validate exposure, and patch or mitigate affected systems.
Topics
Original reporting
The Hacker News
CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware
Open original source