Plateforme
tenda
Composant
tenda_ac8_v5
CVE-2026-4252 is a critical authentication bypass vulnerability discovered in Tenda AC8 firmware version 16.03.50.11. This flaw allows attackers to bypass authentication mechanisms by manipulating IP addresses, potentially granting them unauthorized access to the device. The vulnerability impacts devices running the specified firmware version and requires immediate attention to prevent exploitation. A patch is expected from Tenda.
The impact of CVE-2026-4252 is severe. Successful exploitation allows an attacker to bypass authentication and gain unauthorized access to the Tenda AC8 router. This could lead to complete control over the device, including the ability to modify network settings, intercept traffic, launch attacks against other devices on the network, and potentially exfiltrate sensitive data. The availability of a public exploit significantly increases the risk of widespread exploitation, particularly given the prevalence of Tenda routers in home and small office environments. The reliance on IP addresses for authentication is a fundamental flaw, making the bypass relatively straightforward.
CVE-2026-4252 is considered a high-probability threat due to the availability of a public proof-of-concept exploit. While no active exploitation campaigns have been publicly confirmed, the ease of exploitation makes it likely that attackers are already leveraging this vulnerability. The vulnerability was publicly disclosed on 2026-03-16. It's crucial to prioritize patching or implementing mitigation measures to prevent compromise.
Home users and small businesses relying on Tenda AC8 routers running firmware version 16.03.50.11 are at significant risk. Shared hosting environments utilizing Tenda routers for network management are also vulnerable. Any network where the Tenda AC8 is used as a primary gateway is potentially exposed to attack.
• tenda: Use curl to check for the vulnerable endpoint and attempt IP address manipulation.
curl -X POST -d 'ip=192.168.1.1' http://<router_ip>/ipv6• generic web: Monitor access logs for unusual POST requests to /ipv6 with manipulated IP addresses in the request body.
• generic web: Check router's response headers for unexpected behavior or error messages after attempting IP address manipulation.
disclosure
poc
Statut de l'Exploit
EPSS
0.15% (percentile 36%)
CISA SSVC
Vecteur CVSS
The primary mitigation for CVE-2026-4252 is to upgrade to a patched firmware version as soon as it becomes available from Tenda. Until a patch is released, consider implementing temporary workarounds to reduce the attack surface. These include configuring a strict firewall to restrict access to the router's management interface from untrusted networks. Implementing strong password policies and disabling unnecessary services can also help to limit the potential impact of a successful attack. Monitor network traffic for suspicious activity and consider using intrusion detection systems (IDS) to identify and block malicious attempts.
Mettre à jour le firmware du routeur Tenda AC8 à une version ultérieure à 16.03.50.11 qui corrige la vulnérabilité d'authentification basée sur l'adresse IP. Consulter le site web du fabricant pour obtenir la dernière version du firmware et les instructions de mise à jour.
Analyses de vulnérabilités et alertes critiques directement dans votre boîte mail.
CVE-2026-4252 is a critical vulnerability in Tenda AC8 firmware 16.03.50.11 allowing attackers to bypass authentication by manipulating IP addresses, potentially gaining full control of the router.
If you are using Tenda AC8 firmware version 16.03.50.11, you are potentially affected by this vulnerability and should take immediate action to mitigate the risk.
The recommended fix is to upgrade to a patched firmware version from Tenda as soon as it becomes available. Until then, implement strict firewall rules and monitor network traffic.
While no confirmed active exploitation campaigns are public, the availability of a public exploit suggests a high likelihood of exploitation.
Please refer to the Tenda website or their security advisory page for the latest information and official advisory regarding CVE-2026-4252.
Téléverse ton fichier de dépendances et découvre instantanément si cette CVE et d'autres te touchent.