2 matches found
CVE-2026-11405 Hidden backdoor authentication mechanism in multiple versions of Tenda firmware allows admin access to web management interface
The web server binary /bin/httpd contains a hidden backdoor authentication mechanism in the login function at 004c88b8. - The function contains a normal authentication path using MD5/hash-based password verification prodencode64/PasswordToMd5/checkrandkey. - After normal authentication fails, it...
CVE-2023-2790
A vulnerability classified as problematic has been found in TOTOLINK N200RE 9.3.5u.6255B20211224. Affected is an unknown function of the file /squashfs-root/etcro/custom.conf of the component Telnet Service. The manipulation leads to password in configuration file. It is possible to launch the...