Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.9
Tenda AC8 16.03.50.11: Remote Authentication Bypass via IP Address
CVE-2026-4252
Summary
The Tenda AC8 router's IPv6 authentication can be bypassed remotely, allowing unauthorized access. This is a serious security risk because it lets attackers gain access to the router and potentially the network. Tenda should be contacted to update the router software to fix this issue.
Original title
A vulnerability was identified in Tenda AC8 16.03.50.11. Affected by this issue is the function check_is_ipv6 of the component IPv6 Handler. The manipulation leads to reliance on ip address for aut...
Original description
A vulnerability was identified in Tenda AC8 16.03.50.11. Affected by this issue is the function check_is_ipv6 of the component IPv6 Handler. The manipulation leads to reliance on ip address for authentication. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.
nvd CVSS2.0
10.0
nvd CVSS3.1
9.8
nvd CVSS4.0
8.9
Vulnerability type
CWE-287
Improper Authentication
CWE-291
Published: 16 Mar 2026 · Updated: 16 Mar 2026 · First seen: 16 Mar 2026