{"api_version":"1","generated_at":"2026-05-31T19:13:03+00:00","cve":"CVE-2025-9778","urls":{"html":"https://cve.report/CVE-2025-9778","api":"https://cve.report/api/cve/CVE-2025-9778.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2025-9778","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2025-9778"},"summary":{"title":"Tenda W12 Administrative shadow hard-coded credentials","description":"A security vulnerability has been detected in Tenda W12 up to 3.0.0.6(3948). Affected is an unknown function of the file /etc_ro/shadow of the component Administrative Interface. The manipulation leads to hard-coded credentials. An attack has to be approached locally. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed publicly and may be used.","state":"PUBLISHED","assigner":"VulDB","published_at":"2025-09-01 12:15:32","updated_at":"2026-04-29 01:00:01"},"problem_types":["CWE-259","CWE-798","CWE-798 Hard-coded Credentials","CWE-259 Use of Hard-coded Password"],"metrics":[{"version":"4.0","source":"cna@vuldb.com","type":"Secondary","score":"0.9","severity":"LOW","vector":"CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","data":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":0.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}},{"version":"4.0","source":"CNA","type":"DECLARED","score":"1.8","severity":"LOW","vector":"CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P","data":{"baseScore":1.8,"baseSeverity":"LOW","vectorString":"CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P","version":"4.0"}},{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"7","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"cna@vuldb.com","type":"Secondary","score":"1.9","severity":"LOW","vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N","baseScore":1.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"}},{"version":"3.1","source":"CNA","type":"DECLARED","score":"1.9","severity":"LOW","vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R","data":{"baseScore":1.9,"baseSeverity":"LOW","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R","version":"3.1"}},{"version":"3.0","source":"CNA","type":"DECLARED","score":"1.9","severity":"LOW","vector":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R","data":{"baseScore":1.9,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R","version":"3.0"}},{"version":"2.0","source":"cna@vuldb.com","type":"Secondary","score":"0.8","severity":"","vector":"AV:L/AC:H/Au:M/C:P/I:N/A:N","data":{"version":"2.0","vectorString":"AV:L/AC:H/Au:M/C:P/I:N/A:N","baseScore":0.8,"accessVector":"LOCAL","accessComplexity":"HIGH","authentication":"MULTIPLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"}},{"version":"2.0","source":"CNA","type":"DECLARED","score":"0.8","severity":"","vector":"AV:L/AC:H/Au:M/C:P/I:N/A:N/E:POC/RL:ND/RC:UR","data":{"baseScore":0.8,"vectorString":"AV:L/AC:H/Au:M/C:P/I:N/A:N/E:POC/RL:ND/RC:UR","version":"2.0"}}],"references":[{"url":"https://github.com/August829/Yu/blob/main/58ead8e7e08bfb0e8.md","name":"https://github.com/August829/Yu/blob/main/58ead8e7e08bfb0e8.md","refsource":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Not Applicable"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.tenda.com.cn/","name":"https://www.tenda.com.cn/","refsource":"cna@vuldb.com","tags":["Product"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://vuldb.com/?id.322080","name":"https://vuldb.com/?id.322080","refsource":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://vuldb.com/?ctiid.322080","name":"https://vuldb.com/?ctiid.322080","refsource":"cna@vuldb.com","tags":["Permissions Required","VDB Entry"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://vuldb.com/?submit.640969","name":"https://vuldb.com/?submit.640969","refsource":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/August829/Yu/blob/main/58ead8e7e08bfb0e8.md#steps-to-reproduce","name":"https://github.com/August829/Yu/blob/main/58ead8e7e08bfb0e8.md#steps-to-reproduce","refsource":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Not Applicable"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2025-9778","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-9778","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Tenda","product":"W12","version":"affected 1.0.0.1(5411)","platforms":[]},{"source":"CNA","vendor":"Tenda","product":"W12","version":"affected 1.0.0.5(9419)","platforms":[]},{"source":"CNA","vendor":"Tenda","product":"W12","version":"affected 2.0.0.3(8326)","platforms":[]},{"source":"CNA","vendor":"Tenda","product":"W12","version":"affected 2.0.0.6(10720)","platforms":[]},{"source":"CNA","vendor":"Tenda","product":"W12","version":"affected 3.0.0.5(3644)","platforms":[]},{"source":"CNA","vendor":"Tenda","product":"W12","version":"affected 3.0.0.6(3948)","platforms":[]}],"timeline":[{"source":"CNA","time":"2025-09-01T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"source":"CNA","time":"2025-09-01T02:00:00.000Z","lang":"en","value":"VulDB entry created"},{"source":"CNA","time":"2025-09-01T07:09:55.000Z","lang":"en","value":"VulDB entry last update"}],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"CNA","value":"Yu Bao (VulDB User)","lang":"en"}],"nvd_cpes":[{"cve_year":"2025","cve_id":"9778","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"tenda","cpe5":"w12","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"9778","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"tenda","cpe5":"w12_firmware","cpe6":"3.0.0.6\\(3948\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2025-9778","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2025-09-02T14:27:55.530662Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2025-09-02T15:09:50.176Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"references":[{"tags":["exploit"],"url":"https://github.com/August829/Yu/blob/main/58ead8e7e08bfb0e8.md"},{"tags":["exploit"],"url":"https://github.com/August829/Yu/blob/main/58ead8e7e08bfb0e8.md#steps-to-reproduce"}],"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"modules":["Administrative Interface"],"product":"W12","vendor":"Tenda","versions":[{"status":"affected","version":"1.0.0.1(5411)"},{"status":"affected","version":"1.0.0.5(9419)"},{"status":"affected","version":"2.0.0.3(8326)"},{"status":"affected","version":"2.0.0.6(10720)"},{"status":"affected","version":"3.0.0.5(3644)"},{"status":"affected","version":"3.0.0.6(3948)"}]}],"credits":[{"lang":"en","type":"reporter","value":"Yu Bao (VulDB User)"}],"descriptions":[{"lang":"en","value":"A security vulnerability has been detected in Tenda W12 up to 3.0.0.6(3948). Affected is an unknown function of the file /etc_ro/shadow of the component Administrative Interface. The manipulation leads to hard-coded credentials. An attack has to be approached locally. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed publicly and may be used."},{"lang":"de","value":"Eine Schwachstelle wurde in Tenda W12 bis 3.0.0.6(3948) gefunden. Hiervon betroffen ist ein unbekannter Codeblock der Datei /etc_ro/shadow der Komponente Administrative Interface. Durch Beeinflussen mit unbekannten Daten kann eine hard-coded credentials-Schwachstelle ausgenutzt werden. Der Angriff erfordert einen lokalen Zugriff. Das Durchführen eines Angriffs ist mit einer relativ hohen Komplexität verbunden. Sie gilt als schwierig auszunutzen. Der Exploit steht zur öffentlichen Verfügung."}],"metrics":[{"cvssV4_0":{"baseScore":1.8,"baseSeverity":"LOW","vectorString":"CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P","version":"4.0"}},{"cvssV3_1":{"baseScore":1.9,"baseSeverity":"LOW","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R","version":"3.1"}},{"cvssV3_0":{"baseScore":1.9,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R","version":"3.0"}},{"cvssV2_0":{"baseScore":0.8,"vectorString":"AV:L/AC:H/Au:M/C:P/I:N/A:N/E:POC/RL:ND/RC:UR","version":"2.0"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-798","description":"Hard-coded Credentials","lang":"en","type":"CWE"}]},{"descriptions":[{"cweId":"CWE-259","description":"Use of Hard-coded Password","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2025-09-01T12:02:08.108Z","orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB"},"references":[{"name":"VDB-322080 | Tenda W12 Administrative shadow hard-coded credentials","tags":["vdb-entry"],"url":"https://vuldb.com/?id.322080"},{"name":"VDB-322080 | CTI Indicators (IOB, IOC, TTP, IOA)","tags":["signature","permissions-required"],"url":"https://vuldb.com/?ctiid.322080"},{"name":"Submit #640969 | Tenda AP W12 V1/V2/V3 Hard-coded Credentials","tags":["third-party-advisory"],"url":"https://vuldb.com/?submit.640969"},{"tags":["related"],"url":"https://github.com/August829/Yu/blob/main/58ead8e7e08bfb0e8.md"},{"tags":["exploit"],"url":"https://github.com/August829/Yu/blob/main/58ead8e7e08bfb0e8.md#steps-to-reproduce"},{"tags":["product"],"url":"https://www.tenda.com.cn/"}],"timeline":[{"lang":"en","time":"2025-09-01T00:00:00.000Z","value":"Advisory disclosed"},{"lang":"en","time":"2025-09-01T02:00:00.000Z","value":"VulDB entry created"},{"lang":"en","time":"2025-09-01T07:09:55.000Z","value":"VulDB entry last update"}],"title":"Tenda W12 Administrative shadow hard-coded credentials"}},"cveMetadata":{"assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","assignerShortName":"VulDB","cveId":"CVE-2025-9778","datePublished":"2025-09-01T12:02:08.108Z","dateReserved":"2025-09-01T05:04:51.235Z","dateUpdated":"2025-09-02T15:09:50.176Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2025-09-01 12:15:32","lastModifiedDate":"2026-04-29 01:00:01","problem_types":["CWE-259","CWE-798","CWE-798 Hard-coded Credentials","CWE-259 Use of Hard-coded Password"],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":0.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N","baseScore":1.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.5,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:H/Au:M/C:P/I:N/A:N","baseScore":0.8,"accessVector":"LOCAL","accessComplexity":"HIGH","authentication":"MULTIPLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":1.2,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:w12_firmware:3.0.0.6\\(3948\\):*:*:*:*:*:*:*","matchCriteriaId":"5A053AC4-B48D-4733-B713-50F8CA2958A3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:w12:-:*:*:*:*:*:*:*","matchCriteriaId":"92DF99FB-59B8-4B31-AE17-E898ED2CF217"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2025","CveId":"9778","Ordinal":"1","Title":"Tenda W12 Administrative shadow hard-coded credentials","CVE":"CVE-2025-9778","Year":"2025"},"notes":[{"CveYear":"2025","CveId":"9778","Ordinal":"1","NoteData":"A security vulnerability has been detected in Tenda W12 up to 3.0.0.6(3948). Affected is an unknown function of the file /etc_ro/shadow of the component Administrative Interface. The manipulation leads to hard-coded credentials. An attack has to be approached locally. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed publicly and may be used.","Type":"Description","Title":"Tenda W12 Administrative shadow hard-coded credentials"}]}}}