Unpatched
CVE-2026-11405: Undocumented Admin Backdoor in Tenda Router Firmware, No Patch Available
CERT/CC disclosed a hardcoded backdoor password mechanism in Tenda router firmware that grants full admin access regardless of the real password — Tenda has not responded to coordination attempts since May, and there is no patch.