PT-2025-35477 · Tenda · Tenda W12
Yu Bao
·
Published
2025-09-01
·
Updated
2025-09-01
·
CVE-2025-9778
Yu Bao
·
Published
2025-09-01
·
Updated
2025-09-01
·
CVE-2025-9778
1.9
Low
| Base vector | Vector | AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Tenda W12 versions prior to 3.0.0.7
Description:
A security issue has been identified in Tenda W12. The issue involves hard-coded credentials within the file `/etc ro/shadow` of the Administrative Interface component. Exploitation requires local access and is considered difficult. The exploit has been publicly disclosed.
Recommendations:
Update Tenda W12 to version 3.0.0.7 or later.
Exploit
Fix
Using Hardcoded Credentials