CVE-2026-1610 – The Tenda AX12 Pro V2 router contains hard-code... (How to Fix)

Q: What is the severity of CVE-2026-1610?

CVE-2026-1610 has a CVSS score of 8.1 (HIGH). The Tenda AX12 Pro V2 router contains hard-coded credentials in its Telnet service, allowing remote attackers to gain unauthorized access. This affects users of Tenda AX12 Pro V2 routers with firmware version 16.03.49.24_cn. Attackers can exploit this to compromise the router's administration interface.

📋 TL;DR

The Tenda AX12 Pro V2 router contains hard-coded credentials in its Telnet service, allowing remote attackers to gain unauthorized access. This affects users of Tenda AX12 Pro V2 routers with firmware version 16.03.49.24_cn. Attackers can exploit this to compromise the router's administration interface.

💻 Affected Systems

Products:

Tenda AX12 Pro V2

Versions: 16.03.49.24_cn

Operating Systems: Embedded router firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects the specific firmware version mentioned; other versions may also be vulnerable but unconfirmed.

📦 What is this software?

Ax12 Pro Firmware by Tenda

View all CVEs affecting Ax12 Pro Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete router compromise allowing attackers to intercept network traffic, deploy malware to connected devices, or use the router as a pivot point into internal networks.

🟠

Likely Case

Unauthorized access to router configuration, enabling network reconnaissance, DNS hijacking, or credential theft from network traffic.

🟢

If Mitigated

Limited impact if Telnet service is disabled and strong perimeter controls prevent external access to router management interfaces.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploit details are publicly available on GitHub, making weaponization straightforward despite the CVE's complexity rating.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.tenda.com.cn/

Restart Required: No

Instructions:

Check Tenda's official website for firmware updates. If available, download and install the latest firmware through the router's web interface.

🔧 Temporary Workarounds

Disable Telnet Service

all

Turn off the Telnet service to prevent exploitation via this vector.

Access router admin interface -> Advanced Settings -> System Services -> Disable Telnet

Restrict Management Interface Access

all

Limit access to router management interfaces to trusted IP addresses only.

Access router admin interface -> Security -> Firewall -> Add rules to restrict Telnet/SSH/HTTP access

🧯 If You Can't Patch

Isolate affected routers in a separate VLAN with strict network segmentation
Implement network monitoring for Telnet authentication attempts and unusual router configuration changes

🔍 How to Verify

Check if Vulnerable:

Check router firmware version in admin interface. If version is 16.03.49.24_cn, the device is vulnerable.

Check Version:

Login to router web interface and check System Status or About page for firmware version.

Verify Fix Applied:

Verify Telnet service is disabled or test authentication with known hard-coded credentials (if disclosed).

📡 Detection & Monitoring

Log Indicators:

Failed/successful Telnet authentication attempts from unexpected sources
Router configuration changes without authorized user activity

Network Indicators:

Telnet connections to router on port 23 from external IPs
Unusual outbound traffic from router to unknown destinations

SIEM Query:

source="router_logs" AND (event="telnet_login" OR event="configuration_change")

📊 Metadata

CVE ID: CVE-2026-1610

CVSS v3 Score: 8.1 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-259

EPSS Score: 0.02% exploit probability (4.4th percentile)

Published: January 29, 2026

Last Updated: February 27, 2026

🔗 References

https://github.com/QIU-DIE/CVE/issues/49 Broken Link,Issue Tracking
https://vuldb.com/?ctiid.343378 Permissions Required,VDB Entry
https://vuldb.com/?id.343378 Third Party Advisory,VDB Entry
https://vuldb.com/?submit.740766 Third Party Advisory,VDB Entry
https://www.tenda.com.cn/ Product

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2026-1610, you might also want to check these: