vuln-1/vuln

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-70798 ↗	Mar 10, 2026Tuesday, 10 March 2026, 21:16	8.4 HIGH	—
Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root.
CVE-2025-70802 ↗	Mar 10, 2026Tuesday, 10 March 2026, 21:16	8.4 HIGH	—
Tenda G1V3.1si V16.01.7.8 Firmware V16.01.7.8 was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root.
CVE-2025-15371 ↗	Dec 31, 2025Wednesday, 31 December 2025, 01:15	7.8 HIGH	6.8 MEDIUM
A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function of the component Shadow File. Such manipulation with the input Fireitup leads to hard-coded credentials. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.