A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24_cn. Affected by this issue is some unknown functionality of the component Telnet…
VulDB·CWE-798·Published 2026-01-29
A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24_cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed for the attack. The exploitation is known to be difficult. The exploit has been made public and could be used.
A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24_cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed for the attack. The exploitation is known to be difficult. The exploit has been made public and could be used.
Una vulnerabilidad fue encontrada en Tenda AX12 Pro V2 16.03.49.24_cn. Afectada por este problema es alguna funcionalidad desconocida del componente Servicio Telnet. Realizar una manipulación resulta en credenciales codificadas de forma rígida. El ataque es posible de ser llevado a cabo remotamente. Un alto grado de complejidad es necesario para el ataque. La explotación se sabe que es difícil. El exploit ha sido hecho público y podría ser usado.
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | cve.org | 7.6 | — | — | AV:N/AC:H/Au:N/C:C/I:C/A:C/E:POC/RL:ND/RC:UR |
| 2.0 | Primary | cve.org | 7.6 | — | — | AV:N/AC:H/Au:N/C:C/I:C/A:C/E:POC/RL:ND/RC:UR |
| 2.0 | Secondary | NVD | 7.6 | 4.9 | 10.0 | AV:N/AC:H/Au:N/C:C/I:C/A:C |
| 3.0 | Primary | cve.org | 8.1 | — | — | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R |
| 3.0 | Primary | cve.org | 8.1 | — | — | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R |
| 3.1 | Primary | NVD | 8.1 | 2.2 | 5.9 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | Primary | cve.org | 8.1 | — | — | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R |
| 3.1 | Primary | cve.org | 8.1 | — | — | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R |
| 3.1 | Secondary | NVD | 8.1 | 2.2 | 5.9 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| 4.0 | Primary | cve.org | 9.2 | — | — | CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P |
| 4.0 | Primary | cve.org | 9.2 | — | — | CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P |
| 4.0 | Secondary | NVD | 8.2 | — | — | CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |