PT-2025-35412 · Tenda · Tenda Ac9
Yu_Bao
·
Published
2025-08-31
·
Updated
2025-08-31
·
CVE-2025-9731
Yu_Bao
·
Published
2025-08-31
·
Updated
2025-08-31
·
CVE-2025-9731
2.5
Low
| Base vector | Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Tenda AC9 version 15.03.05.19
Description:
A vulnerability exists in Tenda AC9 version 15.03.05.19 related to hard-coded credentials within the Administrative Interface component. The vulnerability resides in an unknown function of the `/etc ro/shadow` file. The attack can be launched locally and is considered difficult to exploit. The exploit has been publicly disclosed.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Using Hardcoded Credentials