CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware

Summary

CERT/CC has warned of a hidden administrative backdoor found in multiple Tenda router firmware versions. This vulnerability allows attackers to bypass password authentication and gain administrative access to the device's web management interface.

IFF Assessment

FOE

The discovery of an unpatched backdoor that allows unauthorized administrative access to network devices is detrimental to the security posture of users and organizations.

Severity

9.0 Critical (AI Estimated)

The vulnerability allows for remote exploitation without authentication, leading to complete administrative control of the router, which typically sits at the network perimeter, posing a high risk to confidentiality, integrity, and availability.

Defender Context

This backdoor presents a significant risk to users of Tenda routers, as it allows unauthorized access to device management. Defenders should immediately check for firmware updates from Tenda and consider network segmentation to limit the impact of compromised devices. Monitoring for unusual administrative access attempts on affected devices is also crucial.

Read Full Story →