Home / Latest

Latest

Tenda Firmware Vulnerability Exposes Millions to Security Risk

WireByte Staff · July 8, 2026

Multiple versions of Tenda firmware contain an undocumented authentication backdoor that allows attackers to bypass password verification and gain full administrative control. The vulnerability, tracked as CVE-2026-11405, affects several Tenda devices, including routers and switches. The issue has sparked concerns among security experts and regulators, who warn of potential widespread exploitation.

Key points

  • Tenda firmware versions US_FH1201V1.0BR_V1.2.0.14(408)_EN_TD, US_W15EV1.0br_V15.11.0.5(1068_1567_841)_EN_TDE, US_AC10V1.0re_V15.03.06.46_multi_TDE01, US_AC5V1.0RTL_V15.03.06.48_multi_TDE01, and US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 contain the vulnerability.
  • The backdoor allows attackers to bypass password verification and gain full administrative control without valid credentials.
  • The vulnerability has been tracked as CVE-2026-11405 and affects several Tenda devices, including routers and switches.
  • Security experts and regulators have expressed concerns about potential widespread exploitation.
  • Tenda has not yet issued a formal statement or patch to address the issue.

Tenda Firmware Vulnerability Exposes Millions to Security Risk

Tenda, a supplier of home and business network devices, has been found to have multiple firmware versions containing an undocumented authentication backdoor. This vulnerability, tracked as CVE-2026-11405, allows attackers to bypass password verification and gain full administrative control without valid credentials.

The affected firmware versions include US_FH1201V1.0BR_V1.2.0.14(408)_EN_TD, US_W15EV1.0br_V15.11.0.5(1068_1567_841)_EN_TDE, US_AC10V1.0re_V15.03.06.46_multi_TDE01, US_AC5V1.0RTL_V15.03.06.48_multi_TDE01, and US_AC6V2.0RTL_V15.03.06.51_multi_TDE01. Security experts and regulators have expressed concerns about potential widespread exploitation.

Tenda has not yet issued a formal statement or patch to address the issue. As the situation unfolds, it is essential to monitor updates from Tenda and relevant security authorities to ensure the safety of network devices and users.

Sources

WireByte Staff — Editorial Team

The WireByte editorial team synthesises technology news from multiple primary sources, verifies the facts, and links every source. Articles are produced with AI assistance and reviewed under our editorial policy.