A severe vulnerability in multiple Tenda router models is allowing attackers to completely hijack the devices, and the manufacturer has no plans to release a fix. CERT/CC has issued an advisory documenting an undocumented authentication backdoor that provides full administrative privileges to anyone who uses it.
The flaw centers on a hidden password embedded in the router's firmware. An attacker who enters this credential into the web management interface can bypass all normal login procedures, gaining unrestricted control over the device's configuration and network traffic.
This backdoor is present across various firmware versions, meaning a wide swath of consumer-grade hardware is affected. With no official patch in development from Tenda, the vulnerability represents a permanent security gap in these devices. The hardcoded password itself is not listed in user manuals, but it has been documented in public security research, making it readily available for exploitation.
For home and small business users, the risks are significant. An attacker on the same local network, or anyone who can reach the management page from the internet if it is poorly configured, could seize control of the network's core gateway. This could enable traffic interception, redirection to malicious sites, or attacks on any connected device.
Given the absence of a vendor-provided remedy, CERT/CC's guidance focuses entirely on user-led mitigations. The primary recommendation is to strictly limit access to the router's administration panel. Users should ensure the panel is not accessible from the internet (WAN side) and, where possible, configure firewall rules to restrict access to only trusted, specific local devices. Changing the default administrative password to a strong, unique one can also add a defensive layer if the interface remains accessible locally.
In high-risk scenarios, isolating the router or replacing it with a more secure alternative from a vendor with a proactive security record may be the most prudent action. This incident highlights a chronic issue in consumer IoT: devices can ship with hidden development or debug features that later become critical, unpatched vulnerabilities, placing the entire burden of security on the end user. Monitoring for any future updates from Tenda or CERT/CC remains advisable.
多款騰達路由器型號存在嚴重漏洞,攻擊者可藉此完全劫持設備,而製造商並無計劃發布修復方案。CERT/CC 已發布公告,記錄了一個未記載的認證後門,任何使用該後門者均可獲得完整管理員權限。
該漏洞源於路由器韌體中嵌入的隱藏密碼。攻擊者若將此憑證輸入網絡管理界面,便可繞過所有正常登入程序,取得設備配置與網絡流量的不受限控制權。
此後門存在於多個韌體版本,意味著大量消費級硬件受影響。由於騰達並未開發官方修補程式,此漏洞將成為這些設備的永久安全缺口。該硬編碼密碼本身未列於用戶手冊中,但已在公開安全研究中被記錄,使其易於被利用。
對家庭及小型企業用戶而言,風險極高。處於同一本地網絡的攻擊者,或任何能從互聯網存取管理頁面(若配置不當)的人士,均可奪取網絡核心閘道的控制權。這可能導致流量攔截、重定向至惡意網站,或對任何已連接設備發動攻擊。
鑑於缺乏廠商提供的補救措施,CERT/CC 的指引完全集中於用戶主導的緩解措施。首要建議是嚴格限制對路由器管理面板的存取。用戶應確保該面板無法從互聯網(WAN 側)存取,並盡可能配置防火牆規則以限制僅允許受信任的特定本地設備存取。若界面仍可本地存取,將預設管理員密碼更改為強健且獨特的密碼亦可增加一層防禦。
在高風險情況下,隔離路由器或更換為來自具有良好安全記錄廠商的安全替代品,可能為最審慎的行動。此事件突顯了消費類物聯網設備的長期問題:設備可能出廠時內置隱藏的開發或調試功能,日後演變為關鍵且無修補的漏洞,將全部安全責任轉嫁給最終用戶。持續關注騰達或 CERT/CC 的任何未來更新仍屬明智之舉。
