Vulnerability Description
A security vulnerability has been detected in Tenda W12 up to 3.0.0.6(3948). Affected is an unknown function of the file /etc_ro/shadow of the component Administrative Interface. The manipulation leads to hard-coded credentials. An attack has to be approached locally. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed publicly and may be used.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tenda | W12 Firmware | 3.0.0.6\(3948\) |
| Tenda | W12 | - |
Related Weaknesses (CWE)
References
- https://github.com/August829/Yu/blob/main/58ead8e7e08bfb0e8.mdNot Applicable
- https://github.com/August829/Yu/blob/main/58ead8e7e08bfb0e8.md#steps-to-reproducNot Applicable
- https://vuldb.com/?ctiid.322080Permissions RequiredVDB Entry
- https://vuldb.com/?id.322080Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.640969Third Party AdvisoryVDB Entry
- https://www.tenda.com.cn/Product
- https://github.com/August829/Yu/blob/main/58ead8e7e08bfb0e8.mdNot Applicable
- https://github.com/August829/Yu/blob/main/58ead8e7e08bfb0e8.md#steps-to-reproducNot Applicable
FAQ
What is CVE-2025-9778?
CVE-2025-9778 is a vulnerability with a CVSS score of 1.9 (LOW). A security vulnerability has been detected in Tenda W12 up to 3.0.0.6(3948). Affected is an unknown function of the file /etc_ro/shadow of the component Administrative Interface. The manipulation lead...
How severe is CVE-2025-9778?
CVE-2025-9778 has been rated LOW with a CVSS base score of 1.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-9778?
Check the references section above for vendor advisories and patch information. Affected products include: Tenda W12 Firmware, Tenda W12.