7
CVE-2025-9731
- EPSS 0.13%
- Veröffentlicht 31.08.2025 13:32:07
- Zuletzt bearbeitet 29.04.2026 01:00:01
- Quelle cna@vuldb.com
- CVE-Watchlists
- Unerledigt
Tenda AC9 Administrative shadow hard-coded credentials
A vulnerability was determined in Tenda AC9 15.03.05.19. The impacted element is an unknown function of the file /etc_ro/shadow of the component Administrative Interface. This manipulation causes hard-coded credentials. It is possible to launch the attack on the local host. The attack's complexity is rated as high. The exploitability is regarded as difficult. The exploit has been publicly disclosed and may be utilized.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Tenda ≫ Ac9 Firmware Version15.03.05.19
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.03 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7 | 1 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| cna@vuldb.com | 1.1 | 0 | 0 |
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| cna@vuldb.com | 2.5 | 1 | 1.4 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
|
| cna@vuldb.com | 1 | 1.5 | 2.9 |
AV:L/AC:H/Au:S/C:P/I:N/A:N
|
CWE-259 Use of Hard-coded Password
The product contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.
CWE-798 Use of Hard-coded Credentials
The product contains hard-coded credentials, such as a password or cryptographic key.
https://www.tenda.com.cn/
https://vuldb.com/?id.322022
https://vuldb.com/?ctiid.322022
https://vuldb.com/?submit.639748
https://github.com/August829/Yu/blob/main/58ead8e7e08bfb0e4.md