High severity8.4NVD Advisory· Published Mar 10, 2026· Updated Apr 9, 2026

CVE-2025-70798

Description

Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root.

Affected products

Tenda/I24 Firmware
cpe:2.3:o:tenda:i24_firmware:3.0.0.5:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/vuln-1/vuln/blob/main/Tenda/i24V3.0si_V3.0.0.5/report-1.mdnvdExploitThird Party Advisory
www.tendacn.comnvdProduct

News mentions

No linked articles in our index yet.

cvss	0.546
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000