PT-2025-35587 · Tenda · Tenda Cp6
Iot_Res
·
Published
2025-09-02
·
Updated
2025-09-02
·
CVE-2025-9828
CVSS v3.1
5.9
Medium
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Tenda CP6 version 11.10.00.243
Description
A vulnerability exists in the function
sub 2B7D04 of the uhttp component. Manipulation of this function can lead to a risky cryptographic algorithm. This attack can be launched remotely and is characterized by high complexity, with exploitability described as difficult. The exploit has been publicly disclosed.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Use of a Broken Cryptographic Algorithm
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Tenda Cp6