{“lastseen”:””,”description”:”A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function of the component Shadow File. Such manipulation with the input Fireitup leads to hard-coded credentials. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.”,”published”:”2025-12-31T01:02:06.989Z”,”modified”:”2025-12-31T01:02:06.989Z”,”type”:”cve”,”title”:”Tenda i24 Shadow File hard-coded credentials”,”source”:”VulDB”,”references”:”https:\/\/vuldb.com\/?id.339075\\nhttps:\/\/vuldb.com\/?ctiid.339075\\nhttps:\/\/vuldb.com\/?submit.727155\\nhttps:\/\/vuldb.com\/?submit.727283\\nhttps:\/\/vuldb.com\/?submit.727284\\nhttps:\/\/vuldb.com\/?submit.727285\\nhttps:\/\/vuldb.com\/?submit.727302\\nhttps:\/\/vuldb.com\/?submit.727305\\nhttps:\/\/vuldb.com\/?submit.727306\\nhttps:\/\/github.com\/vuln-1\/vuln\/blob\/main\/Tenda\/i24v3.0_V3.0.0.8\/report-1.md\\nhttps:\/\/www.tenda.com.cn\/”,”id”:”CVE-2025-15371″,”bulletinFamily”:””,”cwe”:[“CWE-798″,”CWE-259″],”cvelist”:null,”sourceData”:”Tenda i24 1.0.0.35\\nTenda i24 3.0.0.8(4008)\\nTenda i24 04.03.01.49\\nTenda i24 04.05.01.15\\nTenda i24 04.08.01.28\\nTenda i24 16.01.8.5\\nTenda i24 65.10.15.6\\nTenda 4G03 Pro 1.0.0.35\\nTenda 4G03 Pro 3.0.0.8(4008)\\nTenda 4G03 Pro 04.03.01.49\\nTenda 4G03 Pro 04.05.01.15\\nTenda 4G03 Pro 04.08.01.28\\nTenda 4G03 Pro 16.01.8.5\\nTenda 4G03 Pro 65.10.15.6\\nTenda 4G05 1.0.0.35\\nTenda 4G05 3.0.0.8(4008)\\nTenda 4G05 04.03.01.49\\nTenda 4G05 04.05.01.15\\nTenda 4G05 04.08.01.28\\nTenda 4G05 16.01.8.5\\nTenda 4G05 65.10.15.6\\nTenda 4G08 1.0.0.35\\nTenda 4G08 3.0.0.8(4008)\\nTenda 4G08 04.03.01.49\\nTenda 4G08 04.05.01.15\\nTenda 4G08 04.08.01.28\\nTenda 4G08 16.01.8.5\\nTenda 4G08 65.10.15.6\\nTenda G0-8G-PoE 1.0.0.35\\nTenda G0-8G-PoE 3.0.0.8(4008)\\nTenda G0-8G-PoE 04.03.01.49\\nTenda G0-8G-PoE 04.05.01.15\\nTenda G0-8G-PoE 04.08.01.28\\nTenda G0-8G-PoE 16.01.8.5\\nTenda G0-8G-PoE 65.10.15.6\\nTenda Nova MW5G 1.0.0.35\\nTenda Nova MW5G 3.0.0.8(4008)\\nTenda Nova MW5G 04.03.01.49\\nTenda Nova MW5G 04.05.01.15\\nTenda Nova MW5G 04.08.01.28\\nTenda Nova MW5G 16.01.8.5\\nTenda Nova MW5G 65.10.15.6\\nTenda TEG5328F 1.0.0.35\\nTenda TEG5328F 3.0.0.8(4008)\\nTenda TEG5328F 04.03.01.49\\nTenda TEG5328F 04.05.01.15\\nTenda TEG5328F 04.08.01.28\\nTenda TEG5328F 16.01.8.5\\nTenda TEG5328F 65.10.15.6″,”sourceHref”:””,”cvss”:{“score”:8.5,”severity”:”HIGH”,”vector”:”CVSS:4.0\/AV:L\/AC:L\/AT:N\/PR:L\/UI:N\/VC:H\/VI:H\/VA:H\/SC:N\/SI:N\/SA:N\/E:P”,”version”:”4.0″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”i24″,”version”:”1.0.0.35″,”vendor”:”Tenda”,”ai_description”:”AI processing failed – no valid JSON found”,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,44,12,15,13,7,11,5],"class_list":["post-33386","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-85","tag-exploit","tag-high","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n