← Retour aux CVEs
CVE-2025-9806
LOW1.9
Description
A vulnerability was determined in Tenda F1202 1.2.0.9/1.2.0.14/1.2.0.20. Impacted is an unknown function of the file /etc_ro/shadow of the component Administrative Interface. This manipulation with the input Fireitup causes hard-coded credentials. The attack can only be executed locally. A high degree of complexity is needed for the attack. The exploitability is considered difficult. The exploit has been publicly disclosed and may be utilized.
Details CVE
Score CVSS v3.11.9
SeveriteLOW
Vecteur CVSSCVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N
Vecteur d'attaqueLOCAL
ComplexiteHIGH
Privileges requisHIGH
Interaction utilisateurNONE
Publie9/2/2025
Derniere modification4/29/2026
Sourcenvd
Observations honeypot0
Produits affectes
tenda:f1202tenda:f1202_firmware
Faiblesses (CWE)
CWE-259CWE-798
References
https://vuldb.com/?ctiid.322130(cna@vuldb.com)
https://vuldb.com/?id.322130(cna@vuldb.com)
https://vuldb.com/?submit.640980(cna@vuldb.com)
https://www.tenda.com.cn/(cna@vuldb.com)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.