CVE-2025-9806

A vulnerability was determined in Tenda F1202 1.2.0.9/1.2.0.14/1.2.0.20. Impacted is an unknown function of the file /etcro/shadow of the component Administrative Interface. This manipulation with the input Fireitup causes hard-coded credentials. The attack can only be executed locally. A high...

CVE-2025-9806 Tenda F1202 Administrative shadow hard-coded credentials

A vulnerability was determined in Tenda F1202 1.2.0.9/1.2.0.14/1.2.0.20. Impacted is an unknown function of the file /etcro/shadow of the component Administrative Interface. This manipulation with the input Fireitup causes hard-coded credentials. The attack can only be executed locally. A high...

CVE-2025-9806

The CVE-2025-9806 entry concerns Tenda F1202 devices (firmware versions 1.2.0.9–1.2.0.20) with an issue in the Administrative Interface’s /etc_ro/shadow function. Manipulating the input Fireitup locally can cause hard-coded credentials to be exposed. Exploitation requires local access and a high ...

CVE-2025-9806 Tenda F1202 Administrative shadow hard-coded credentials

A vulnerability was determined in Tenda F1202 1.2.0.9/1.2.0.14/1.2.0.20. Impacted is an unknown function of the file /etcro/shadow of the component Administrative Interface. This manipulation with the input Fireitup causes hard-coded credentials. The attack can only be executed locally. A high...

Tenda AC9 Hardcoding Vulnerability

Tenda AC9 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in 2016. The Tenda AC9 suffers from a hard-coded vulnerability that originates from an unknown function in the file /etcro/shadow of the component management interface, which can be exploited by an attacker...

SunPower PVS6 信任管理问题漏洞

The SunPower PVS6 is a data monitoring and communication gateway for solar photovoltaic systems from SunPower, Inc. A trust management issue vulnerability exists in the SunPower PVS6 that stems from the use of hard-coded encryption parameters and disclosure of protocol details, which could result...

PT-2025-35520

Name of the Vulnerable Software and Affected Versions: Tenda F1202 versions 1.2.0.9 through 1.2.0.20 Description: A vulnerability exists in the Tenda F1202 device, specifically impacting an unknown function within the /etc ro/shadow file of the Administrative Interface component. Manipulation of...

CVE-2025-9778

A security vulnerability has been detected in Tenda W12 up to 3.0.0.63948. Affected is an unknown function of the file /etcro/shadow of the component Administrative Interface. The manipulation leads to hard-coded credentials. An attack has to be approached locally. The complexity of an attack is...

CVE-2025-9778

A security vulnerability has been detected in Tenda W12 up to 3.0.0.63948. Affected is an unknown function of the file /etcro/shadow of the component Administrative Interface. The manipulation leads to hard-coded credentials. An attack has to be approached locally. The complexity of an attack is...

CVE-2025-9778 Tenda W12 Administrative shadow hard-coded credentials

A security vulnerability has been detected in Tenda W12 up to 3.0.0.63948. Affected is an unknown function of the file /etcro/shadow of the component Administrative Interface. The manipulation leads to hard-coded credentials. An attack has to be approached locally. The complexity of an attack is...

CVE-2025-9778

CVE-2025-9778 affects Tenda W12 (up to 3.0.0.6/3948) in the Administrative Interface. The vulnerability is due to hard-coded credentials in the /etc_ro/shadow component, enabling local access with elevated risk. Impact is user credential exposure and potential unauthorized access within affected ...

CVE-2025-9778 Tenda W12 Administrative shadow hard-coded credentials

A security vulnerability has been detected in Tenda W12 up to 3.0.0.63948. Affected is an unknown function of the file /etcro/shadow of the component Administrative Interface. The manipulation leads to hard-coded credentials. An attack has to be approached locally. The complexity of an attack is...

PT-2025-35477

Name of the Vulnerable Software and Affected Versions: Tenda W12 versions prior to 3.0.0.7 Description: A security issue has been identified in Tenda W12. The issue involves hard-coded credentials within the file /etc ro/shadow of the Administrative Interface component. Exploitation requires loca...

Tenda W12 安全漏洞

Tenda W12 is a dual-band Gigabit wireless panelized access point AP from Tenda Technology, designed for hotels, villas, large homes and other scenarios, supporting the IEEE802.11ac protocol and the Wave2 standard with 1167Mbps dual-band concurrent rate. The Tenda W12 suffers from a hard-coded...

CVE-2025-9731

A vulnerability was determined in Tenda AC9 15.03.05.19. The impacted element is an unknown function of the file /etcro/shadow of the component Administrative Interface. This manipulation causes hard-coded credentials. It is possible to launch the attack on the local host. The attack's complexity...

CVE-2025-9731

A vulnerability was determined in Tenda AC9 15.03.05.19. The impacted element is an unknown function of the file /etcro/shadow of the component Administrative Interface. This manipulation causes hard-coded credentials. It is possible to launch the attack on the local host. The attack's complexity...

CVE-2025-9731 Tenda AC9 Administrative shadow hard-coded credentials

A vulnerability was determined in Tenda AC9 15.03.05.19. The impacted element is an unknown function of the file /etcro/shadow of the component Administrative Interface. This manipulation causes hard-coded credentials. It is possible to launch the attack on the local host. The attack's complexity...

CVE-2025-9731

CVE-2025-9731 affects Tenda AC9 firmware version 15.03.05.19, specifically the Administrative Interface function handling /. The vulnerability stems from an unknown function in the /etc_ro/shadow file, enabling hard-coded credentials. Attack is local with high complexity, and exploitation is publ...

CVE-2025-9731 Tenda AC9 Administrative shadow hard-coded credentials

A vulnerability was determined in Tenda AC9 15.03.05.19. The impacted element is an unknown function of the file /etcro/shadow of the component Administrative Interface. This manipulation causes hard-coded credentials. It is possible to launch the attack on the local host. The attack's complexity...

CVE-2025-9725

A vulnerability was identified in Cudy LT500E up to 2.3.12. Affected is an unknown function of the file /squashfs-root/etc/shadow of the component Web Interface. The manipulation leads to use of hard-coded password. The attack must be carried out locally. The attack's complexity is rated as high...