| Title | Tenda Tenda Wi-Fi 5 Router AC10 AC10V4.0si_V16.03.10.13 Hard-coded Credentials |
|---|---|
| Description | A hard-coded credentials vulnerability was identified in the Tenda Wi-Fi 5 Router AC10 device running firmware version AC10V4.0si_V16.03.10.13. The root user account uses a hard-coded password (cracked as "Fireitup" using the John tool). This password is stored in the file /etc_ro/shadow using MD5-crypt hashing. The vulnerability was discovered by analyzing the firmware (US_AC10V4.0si_V16.03.10.13_cn_TDC01.bin). The file was extracted from the squashfs-root directory, and the MD5-crypt hash of the root user's password was cracked using John, resulting in the password "Fireitup". The cracked password allows attackers to log in to the router's system with root privileges. For instance, it allows unauthorized root access to the device through network-accessible services or the administrative interface. |
| Source | https://github.com/XXRicardo/iot-cve/blob/main/Tenda/AC10/V4.0si_V16.03.10.13.md |
| User | lxyilu (UID 88936) |
| Submission | 08/13/2025 10:10 (8 months ago) |
| Moderation | 08/21/2025 08:06 (8 days later) |
| Status | Accepted |
| VulDB entry | 320914 [Tenda AC10 16.03.10.13 MD5 Hash /etc_ro/shadow hard-coded credentials] |
| Points | 20 |
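
A firmware review can catch this class of issue before release by auditing any shadow file found in the extracted root filesystem, such as /etc_ro/shadow here. The following is an added example, not code from the submission or from the vendor; the sample shadow content and its hash strings are constructed placeholders, and the names `audit_shadow`, `classify` and `Finding` are hypothetical.

```python
from dataclasses import dataclass

# crypt(3) hash prefixes -> (scheme name, considered weak today)
SCHEMES = {
    "$1$": ("md5-crypt", True),
    "$2a$": ("bcrypt", False), "$2b$": ("bcrypt", False), "$2y$": ("bcrypt", False),
    "$5$": ("sha256-crypt", False),
    "$6$": ("sha512-crypt", False),
    "$y$": ("yescrypt", False),
}

# Constructed sample in shadow(5) format; the hash strings are placeholders, not real hashes.
SAMPLE_SHADOW = """\
root:$1$EXAMPLE0$AAAAAAAAAAAAAAAAAAAAAA:0:0:99999:7:::
daemon:*:0:0:99999:7:::
nobody:!:0:0:99999:7:::
support:$6$EXAMPLESALT$BBBBBBBBBBBBBBBBBBBBBB:0:0:99999:7:::
"""

@dataclass
class Finding:
    user: str
    scheme: str
    weak_scheme: bool

def classify(field):
    """Return (scheme, weak) if the field permits password login, else None."""
    if field == "":
        return ("empty-password", True)      # no password required at all
    if field[0] in "!*":
        return None                          # locked account, password login disabled
    for prefix, result in SCHEMES.items():
        if field.startswith(prefix):
            return result
    if len(field) == 13:
        return ("des-crypt", True)           # traditional 13-character DES crypt
    return ("unknown", False)

def audit_shadow(text):
    """List accounts whose password field is usable; in a read-only image each one
    is a credential shared by every device that ships the image."""
    findings = []
    for line in text.splitlines():
        parts = line.strip().split(":")
        if len(parts) < 2 or not parts[0] or parts[0].startswith("#"):
            continue
        verdict = classify(parts[1])
        if verdict:
            findings.append(Finding(parts[0], *verdict))
    return findings

if __name__ == "__main__":
    for f in audit_shadow(SAMPLE_SHADOW):
        print(f"{f.user}: {f.scheme}{' (weak scheme)' if f.weak_scheme else ''}")
```

Every account the audit reports needs a per-device credential set at provisioning or a locked password field; a stronger hash scheme alone does not remove the shared secret.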