Your Tenda router could have a hidden firmware backdoor – disable this setting ASAP


Tenda firmware bakes a backdoor into routers

Adrian Kingsley-Hughes/ZDNET

Follow ZDNET: Add us as a preferred source on Google.


ZDNET’s key takeaways

  • Some Tenda routers have a firmware backdoor.
  • The backdoor can be exploited remotely.
  • Details of the backdoor are easily available.

Several firmware versions released for a popular brand of routers have been found to contain an undocumented backdoor that can allow anyone full access to the hardware.

The brand in question is Tenda, a company that manufactures network equipment such as routers, switches, access points, and video cameras. It’s a popular brand that sells hardware via the usual channels, such as Amazon.

The vulnerability was discovered by an anonymous researcher and reported by the CERT Coordination Center (CERT/CC) earlier this week.

Also: How I turned my old Android phone into a Wi-Fi extender – and fixed dead spots at home

Put simply, the backdoor is an admin password that’s been baked into the firmware that allows anyone who knows it to bypass access control security (username and password) and access the internal settings of the router.

By accessing a router’s administration panel, an attacker would be able to carry out a number of tasks that you might not want a third party to be able to do, from running internal network scans to find all the devices on the network to grabbing the Wi-Fi passcodes, setting up certain ports and web traffic to be forwarded to another destination, and disabling security features.

Also: My home’s Wi-Fi dead zones were worse than I thought – here’s what fixed them

While CERT has not reported what the username and password backdoor is, I was able to find it pretty easily, and since I have some Tenda hardware here, I was able to confirm that the backdoor works.

Given the ease of the hack, the fact that all the details are out there, and the popularity of Tenda hardware, I expect this hack to be exploited by hackers.

Firmware versions affected

The firmware versions that are affected are:

  • US_FH1201V1.0BR_V1.2.0.14(408)_EN_TD
  • US_W15EV1.0br_V15.11.0.5(1068_1567_841)_EN_TDE
  • US_AC10V1.0re_V15.03.06.46_multi_TDE01
  • US_AC5V1.0RTL_V15.03.06.48_multi_TDE01
  • US_AC6V2.0RTL_V15.03.06.51_multi_T

It’s not known if this backdoor was added maliciously or as some sort of way for tech support to access hardware where the user has lost the password.

Also: Chrome’s next update will kill your ad blocker – and make the web less safe

Either way, it’s not a good thing.

If this vulnerability required hands-on access to the router, the scope of attack would be quite limited. Unfortunately, this can be exploited remotely over the internet.

What you can do now

If you own Tenda hardware, your best defense is to disable remote web management and change the default LAN IP until Tenda releases a patch to fix this backdoor.

Also: 5 ways to fortify your network against the new speed of AI attacks

I thought that I might be able to install an open-source firmware on the router, like DD-WRT, but because of the custom chipsets that Tenda uses, there aren’t any available.

ZDNET has reached out to Tenda for comment and a possible timeline for a patch, but as of the time of writing, the company has not replied. CERT reports that it, too, “were unable to reach the vendor to coordinate this vulnerability.”





Source link

Leave a Reply

Subscribe to Our Newsletter

Get our latest articles delivered straight to your inbox. No spam, we promise.

Recent Reviews


AirPods Pro 3

Jada Jones/ZDNET

This year’s WWDC is packed with announcements, including customization to the Liquid Glass display, substantial upgrades to Siri, and more intuitive device functionality.

Also: Apple WWDC 2026: Live updates on iOS 27, Siri, and Tim Cook’s last event as CEO

If you’re an avid AirPods user, there’s one announcement that may excite you, but speakers breezed past it, offering hardly any details. Still, Apple promised a real equalizer in iOS 27, finally giving users the opportunity to customize the sound of their AirPods. 

Apple didn’t say much about the equalizer, but a brief animation showed a graphic EQ, with options to create a custom EQ profile or choose Apple’s recommended EQ settings. Users can adjust lows, mids, and highs, though it’s unclear how precise the equalizer will be.

AirPods EQ WWDC

Apple

Previously, Apple had full faith in its headphones’ sound profile, vowing that its sound engineers crafted AirPods to sound as best as possible. Still, users prefer some control over their devices, and a custom EQ is a welcome addition.

Also: The feature Apple needs to make HomePod stand out isn’t audio-related

AirPods users could only change their AirPods sound profiles in Apple Music settings, and this customization feature still limited them to preset EQ profiles. 

An equalizer is a staple feature for consumer headphones, and even the most limited equalizers are better than none. Bose’s equalizer, for example, allows users to toggle bass, mids, and treble on a 20-point scale. 

Other companies, like JBL, offer a detailed equalizer with 10 frequency bands, adjustable in Hz. I don’t expect Apple’s equalizer to be as thorough as JBL’s, but instead to be on par with Bose’s. Either way, even if you’re content with your AirPods’ sound profile, the option to change it is what matters. 





Source link