CVE-2025-15371
Gravedad CVSS v4.0:
ALTA
Tipo:
CWE-259
Contraseñas embebidas en el software
Fecha de publicación:
31/12/2025
Última modificación:
31/12/2025
Descripción
*** Pendiente de traducción *** A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function of the component Shadow File. Such manipulation with the input Fireitup leads to hard-coded credentials. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
Impacto
Puntuación base 4.0
8.50
Gravedad 4.0
ALTA
Puntuación base 3.x
7.80
Gravedad 3.x
ALTA
Puntuación base 2.0
6.80
Gravedad 2.0
MEDIA
Referencias a soluciones, herramientas e información
- https://github.com/vuln-1/vuln/blob/main/Tenda/i24v3.0_V3.0.0.8/report-1.md
- https://vuldb.com/?ctiid_339075=
- https://vuldb.com/?id_339075=
- https://vuldb.com/?submit_727155=
- https://vuldb.com/?submit_727283=
- https://vuldb.com/?submit_727284=
- https://vuldb.com/?submit_727285=
- https://vuldb.com/?submit_727302=
- https://vuldb.com/?submit_727305=
- https://vuldb.com/?submit_727306=
- https://www.tenda.com.cn/