<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-10T03:02:24.330174+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d298f35c-1ac9-4d18-a133-8e57c13dc7b4/export</id>
    <title>d298f35c-1ac9-4d18-a133-8e57c13dc7b4</title>
    <updated>2026-07-10T03:02:24.352084+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d298f35c-1ac9-4d18-a133-8e57c13dc7b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11405", "type": "seen", "source": "https://bsky.app/profile/geeknewsbot.bsky.social/post/3mqagcyobxu2l", "content": "Tenda \ud38c\uc6e8\uc5b4 \uc5ec\ub7ec \ubc84\uc804\uc5d0 \uc228\uaca8\uc9c4 \uc778\uc99d \ubc31\ub3c4\uc5b4 \ubc1c\uacac\n\n\uc77c\ubd80 Tenda \ub124\ud2b8\uc6cc\ud06c \uc7a5\ube44 \ud38c\uc6e8\uc5b4\uc5d0 \ubb38\uc11c\ud654\ub418\uc9c0 \uc54a\uc740 \uc778\uc99d \ubc31\ub3c4\uc5b4 \uac00 \uc788\uc5b4, \uc720\ud6a8\ud55c \uc790\uaca9 \uc99d\uba85 \uc5c6\uc774 \uc6f9 \uad00\ub9ac \uc778\ud130\ud398\uc774\uc2a4\uc758 \uad00\ub9ac\uc790 \uad8c\ud55c\uc744 \uc5bb\uc744 \uc218 \uc788\uc74c CVE-2026-11405 \ub294 \uc77c\ubc18 \ube44\ubc00\ubc88\ud638 \uac80\uc99d \uc2e4\ud328 \ub4a4 sys.rzadmin.password \uac12\uc744 \ub300\uccb4 \ube44\ubc00\ubc88\ud638\ucc98\ub7fc \ud655\uc778...", "creation_timestamp": "2026-07-09T20:00:06.702039Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d298f35c-1ac9-4d18-a133-8e57c13dc7b4/export"/>
    <published>2026-07-09T20:00:06.702039+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/aca7e995-8986-4a83-ad3b-96c72732ade8/export</id>
    <title>aca7e995-8986-4a83-ad3b-96c72732ade8</title>
    <updated>2026-07-10T03:02:24.354079+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "aca7e995-8986-4a83-ad3b-96c72732ade8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11405", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mq7ae77djd2b", "content": "Five Tenda router models ship a hardcoded admin password that grants full control, any username, no login needed (CVE-2026-11405).\n\nCERT/CC confirmed it July 7. No patch, no vendor response.\n\nTurn off WAN management and plan a swap.", "creation_timestamp": "2026-07-09T08:40:43.694595Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/aca7e995-8986-4a83-ad3b-96c72732ade8/export"/>
    <published>2026-07-09T08:40:43.694595+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6a330221-c7df-40a1-be15-806d3e8d097e/export</id>
    <title>6a330221-c7df-40a1-be15-806d3e8d097e</title>
    <updated>2026-07-10T03:02:24.354187+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6a330221-c7df-40a1-be15-806d3e8d097e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11405", "type": "seen", "source": "https://bsky.app/profile/cerberusit.bsky.social/post/3mq73zxzrl72p", "content": "Today in patch management misery, we have CVE-2026-11405, a lovely unpatched backdoor in Tenda firmware that grants complete administrative control to any unauthenticated attacker who wanders by. This spectacular design flaw affects anyone trusting these specific network devices ...\n\nRead full story", "creation_timestamp": "2026-07-09T07:23:25.186419Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6a330221-c7df-40a1-be15-806d3e8d097e/export"/>
    <published>2026-07-09T07:23:25.186419+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/82e8d91e-367b-403c-9659-ae491bf72a9c/export</id>
    <title>82e8d91e-367b-403c-9659-ae491bf72a9c</title>
    <updated>2026-07-10T03:02:24.354270+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "82e8d91e-367b-403c-9659-ae491bf72a9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11405", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq5cc7qxcu2h", "content": "CVE-2026-11405 - firmware\nThe Apache HTTP Server has a hidden login backdoor that allows anyone to gain admin access by entering the correct password. This backdoor is not protected by a username, so any\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#firmware #tenda #CVE #infosec", "creation_timestamp": "2026-07-08T14:10:04.757799Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/82e8d91e-367b-403c-9659-ae491bf72a9c/export"/>
    <published>2026-07-08T14:10:04.757799+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/1af6fd99-29d5-428a-b8bc-b3eafe849c77/export</id>
    <title>1af6fd99-29d5-428a-b8bc-b3eafe849c77</title>
    <updated>2026-07-10T03:02:24.354355+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "1af6fd99-29d5-428a-b8bc-b3eafe849c77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11405", "type": "seen", "source": "https://bsky.app/profile/pixelsandpulse.bsky.social/post/3mq4yiik34i2x", "content": "Heads up, Tenda router users! A critical firmware flaw (CVE-2026-11405) acts as a hardcoded backdoor, granting full admin access to anyone with the secret password. Tenda is unresponsive, so you need to act: disable remote web\u2026\n\nhttps://www.tpp.blog/qbatp8a\n\n#cybersecurity #tenda #firmware", "creation_timestamp": "2026-07-08T11:14:38.784860Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/1af6fd99-29d5-428a-b8bc-b3eafe849c77/export"/>
    <published>2026-07-08T11:14:38.784860+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/78f12940-de58-43fd-9cf7-8ec16d49e60d/export</id>
    <title>78f12940-de58-43fd-9cf7-8ec16d49e60d</title>
    <updated>2026-07-10T03:02:24.354438+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "78f12940-de58-43fd-9cf7-8ec16d49e60d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11405", "type": "seen", "source": "https://bsky.app/profile/hn-frontpage-bot.bsky.social/post/3mq4faxiw3n2s", "content": "Multiple Tenda router models contain an undocumented authentication backdoor, tracked as CVE-2026-11405, allowing attackers to bypass password checks for full administrative access. As no patch exists, users should disable remote management to mitigate risks.", "creation_timestamp": "2026-07-08T05:30:23.890232Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/78f12940-de58-43fd-9cf7-8ec16d49e60d/export"/>
    <published>2026-07-08T05:30:23.890232+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f7e41a2e-1cb8-4be7-be04-771820b71313/export</id>
    <title>f7e41a2e-1cb8-4be7-be04-771820b71313</title>
    <updated>2026-07-10T03:02:24.354514+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f7e41a2e-1cb8-4be7-be04-771820b71313", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11405", "type": "seen", "source": "https://bsky.app/profile/iberianm.bsky.social/post/3mq4a7we3t42s", "content": "Tenda router firmware has an undocumented admin backdoor (CVE-2026-11405) in some releases. Check for affected firmware and update to fixed versions. #Cybersecurity #Vulnerability #IdentitySecurity\n\nSource: https://thehackernews.com/2026/07/certcc-warns-of-hidden-admin-backdoor.html", "creation_timestamp": "2026-07-08T04:00:20.966186Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f7e41a2e-1cb8-4be7-be04-771820b71313/export"/>
    <published>2026-07-08T04:00:20.966186+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3f663e74-137d-4bcd-b7fc-2d5475fbf558/export</id>
    <title>3f663e74-137d-4bcd-b7fc-2d5475fbf558</title>
    <updated>2026-07-10T03:02:24.354597+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3f663e74-137d-4bcd-b7fc-2d5475fbf558", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11405", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mq43qk72d62d", "content": "\ud83d\udcf0 Backdoor Tersembunyi Ditemukan di Firmware Router Tenda, Bisa Berikan Akses Admin Tanpa Kredensial\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/07/08/backdoor-firmware-router-tenda-cve-2026-11405/\n\n#cve #cve-2026-11405 #cybersecurity #firmware #jaringan #keamananSiber #network", "creation_timestamp": "2026-07-08T02:40:09.374763Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3f663e74-137d-4bcd-b7fc-2d5475fbf558/export"/>
    <published>2026-07-08T02:40:09.374763+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/842edad1-bbec-4739-8ec3-38842b8239b7/export</id>
    <title>842edad1-bbec-4739-8ec3-38842b8239b7</title>
    <updated>2026-07-10T03:02:24.354670+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "842edad1-bbec-4739-8ec3-38842b8239b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11405", "type": "seen", "source": "https://thehackernews.com/2026/07/certcc-warns-of-hidden-admin-backdoor.html", "content": "Several versions of firmware released by Chinese network device manufacturer Tenda have been found to embed an undocumented authentication backdoor that enables administrative access to the devices' web management interfaces, the CERT Coordination Center (CERT/CC) warned Monday.\n\n\"An attacker can exploit this vulnerability, tracked as CVE-2026-11405, to bypass the password verification process", "creation_timestamp": "2026-07-08T01:00:53.958215Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/842edad1-bbec-4739-8ec3-38842b8239b7/export"/>
    <published>2026-07-08T01:00:53.958215+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a933d473-7626-460a-8cfd-1986f768240a/export</id>
    <title>a933d473-7626-460a-8cfd-1986f768240a</title>
    <updated>2026-07-10T03:02:24.354744+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a933d473-7626-460a-8cfd-1986f768240a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11405", "type": "seen", "source": "https://bsky.app/profile/iberianm.bsky.social/post/3mq3ffmr5dj22", "content": "Tenda router firmware: CERT/CC warns of hidden admin backdoor (CVE-2026-11405). Check your model/firmware for affected versions and update imm\u2026 #Cybersecurity #Vulnerability #IdentitySecurity\n\nSource: https://threatbeat.com/adversaries/cert-cc-warns-of-hidden-admin-backdoor-in-tenda-router-firmware/", "creation_timestamp": "2026-07-07T20:00:21.956184Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a933d473-7626-460a-8cfd-1986f768240a/export"/>
    <published>2026-07-07T20:00:21.956184+00:00</published>
  </entry>
</feed>
