Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.5
Tenda AC10 Router: Hardcoded Cryptographic Key Exposed
CVE-2026-5549
Summary
A security issue has been found in the Tenda AC10 router's internal key storage. If exploited, an attacker could potentially use this vulnerability to access sensitive information or take control of the router. Update the router's software to the latest version to protect against this risk.
Original title
A vulnerability was determined in Tenda AC10 16.03.10.10_multi_TDE01. Affected by this issue is some unknown functionality of the file /webroot_ro/pem/privkeySrv.pem of the component RSA 2048-bit P...
Original description
A vulnerability was determined in Tenda AC10 16.03.10.10_multi_TDE01. Affected by this issue is some unknown functionality of the file /webroot_ro/pem/privkeySrv.pem of the component RSA 2048-bit Private Key Handler. Executing a manipulation can lead to use of hard-coded cryptographic key
. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.
. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.
nvd CVSS2.0
5.0
nvd CVSS3.1
5.3
nvd CVSS4.0
5.5
Vulnerability type
CWE-320
CWE-321
Use of Hard-coded Cryptographic Key
Published: 5 Apr 2026 · Updated: 5 Apr 2026 · First seen: 5 Apr 2026