プラットフォーム
tenda
コンポーネント
tenda
CVE-2026-5549 affects the Tenda AC10 router, specifically versions 16.03.10.10multiTDE01. This vulnerability involves the exposure of a hardcoded 2048-bit RSA private key stored within the /webroot_ro/pem/privkeySrv.pem file. Successful exploitation allows remote attackers to potentially compromise the device and its network traffic, leading to significant security implications. While a fix is pending, immediate mitigation steps are crucial.
The core impact of CVE-2026-5549 lies in the exposure of a critical cryptographic key. An attacker gaining access to this private key can decrypt sensitive data transmitted through the router, including user credentials, website traffic, and potentially even VPN connections. This allows for man-in-the-middle attacks, data theft, and unauthorized access to internal network resources. The router's configuration could also be modified, enabling the attacker to redirect traffic or launch further attacks against other devices on the network. The ability to decrypt traffic effectively nullifies the router's security posture, making it a significant risk. The publicly disclosed nature of the exploit increases the likelihood of widespread exploitation.
CVE-2026-5549 was publicly disclosed on 2026-04-05. The availability of a public exploit significantly increases the risk of exploitation. The EPSS score is likely to be assessed as medium to high, reflecting the ease of exploitation and the potential impact. While no specific campaigns have been publicly linked to this CVE at the time of writing, the exposure of a hardcoded private key is a common target for attackers. Monitor security advisories and threat intelligence feeds for any indications of active exploitation.
エクスプロイト状況
EPSS
0.04% (13% パーセンタイル)
CISA SSVC
CVSS ベクトル
Given the severity of the vulnerability and the lack of a confirmed fixed version, immediate mitigation steps are essential. First, isolate the affected Tenda AC10 router from the internet by disabling WAN access or placing it behind a firewall. Next, restrict network access to the router's management interface, limiting access to trusted administrators only. Consider implementing a Web Application Firewall (WAF) or proxy server to filter traffic and block known exploit attempts. While a firmware upgrade is the ultimate solution, monitor Tenda's website for updates and apply them as soon as they become available. After implementing these mitigations, verify their effectiveness by attempting to access the router's management interface from an untrusted network and confirming that access is denied.
Actualice el firmware del dispositivo Tenda AC10 a una versión corregida por el fabricante. Verifique el sitio web oficial de Tenda para obtener las últimas actualizaciones de firmware y siga las instrucciones proporcionadas para una actualización segura. Esta vulnerabilidad implica una clave privada codificada, por lo que la actualización es crucial para mitigar el riesgo.
脆弱性分析と重要アラートをメールでお届けします。
CVE-2026-5549 is a vulnerability affecting Tenda AC10 routers where a 2048-bit RSA private key is hardcoded and accessible, allowing remote attackers to decrypt traffic.
You are affected if you are using a Tenda AC10 router running version 16.03.10.10multiTDE01. Check your router's firmware version to confirm.
The recommended fix is to upgrade to a patched firmware version from Tenda. Until then, isolate the router and restrict network access to mitigate the risk.
The vulnerability is publicly disclosed, increasing the likelihood of exploitation. Monitor security advisories for updates and potential attacks.
Refer to the National Vulnerability Database (NVD) entry for CVE-2026-5549 for detailed information and updates: [https://nvd.nist.gov/vuln/detail/CVE-2026-5549](https://nvd.nist.gov/vuln/detail/CVE-2026-5549)