Hidden backdoor in Tenda router firmware grants admin access

Summary

A hidden authentication backdoor has been discovered in the firmware of multiple Tenda router models. This vulnerability allows an unauthenticated attacker to gain administrative access to the router's web management panel.

IFF Assessment

FOE

The discovery of a backdoor granting unauthorized administrative access to routers represents a significant security risk for users and a win for attackers.

Severity

9.0 Critical (AI Estimated)

The backdoor allows for remote unauthenticated access to gain administrative control, with potential for widespread impact on connected networks, making it a critical vulnerability.

Defender Context

This backdoor highlights the ongoing risks associated with IoT device firmware and the importance of regular security audits and patching. Defenders should prioritize monitoring for any signs of compromise on Tenda routers and applying available firmware updates as soon as possible.

Read Full Story →