CVE-2025-52054 — MEDIUM (5.3)

Q: How severe is CVE-2025-52054?

CVE-2025-52054 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2025-52054?

Check the references section above for vendor advisories and patch information. Affected products include: Tenda Ac8 Firmware, Tenda Ac8.

Vulnerability Description

An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router AC8v4.0 Firmware 16.03.33.05. The root password of the device is calculated with a static string and the last two octets of the MAC address of the device. This allows an unauthenticated attacker to authenticate with network services on the device.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Tenda	Ac8 Firmware	<= 16.03.33.05
Tenda	Ac8	4.0

Related Weaknesses (CWE)

CWE-287

References

https://www.virtualhackinglabs.com/advisories/cve-2025-52054-tenda-ac8-calculateExploitThird Party Advisory

FAQ

What is CVE-2025-52054?

CVE-2025-52054 is a vulnerability with a CVSS score of 5.3 (MEDIUM). An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router AC8v4.0 Firmware 16.03.33.05. The root password of the device is calculated with a static string and the last two oct...

How severe is CVE-2025-52054?

CVE-2025-52054 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-52054?

Check the references section above for vendor advisories and patch information. Affected products include: Tenda Ac8 Firmware, Tenda Ac8.