CERT/CC warns of hidden admin backdoor in Tenda
🔒 The CERT Coordination Center (CERT/CC) has disclosed that multiple Tenda router firmware versions contain an undocumented authentication backdoor (CVE-2026-11405) that allows attackers to bypass password checks and gain administrative access. The backdoor resides in the login() function of the /bin/httpd binary and compares a submitted password to a configuration-stored value obtained via GetValue("sys.rzadmin.password"). Any username is accepted when the backdoor password matches, enabling full device takeover. Users should disable remote management and change default LAN IPs while a patch is pending.
