CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-46436: Hardcoded credentials in Tenda W18E V16.01.0.8(1625) allows unauthenticated remote attackers to gain root access to the device over the telnet...

Description

Hardcoded credentials in Tenda W18E V16.01.0.8(1625) allows unauthenticated remote attackers to gain root access to the device over the telnet service.

Classification

CVE ID: CVE-2024-46436

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.88% (scored less or equal to compared to others)

EPSS Date: 2025-03-11 (when was this score calculated)

References

https://reddassolutions.com/blog/tenda_w18e_security_research

Timeline

2025-02-11 00:32:57 UTC
CVE

Hardcoded credentials in Tenda W18E V16.01.0.8(1625) allows unauthenticated remote attackers to gain root access to the device over the telnet...