Five Tenda firmware versions contain a built-in login bypass that grants administrator access if an attacker enters the shipped password, regardless of username, CERT Coordination Center researchers said.
The flaw is embedded in firmware across older Tenda lines including the FH1201, W15E, AC10 v1, AC5 v1 and AC6 v2, and no confirmed vendor patch had been announced.
Administrator access could let intruders redirect traffic, open network ports, install ransomware, launch man-in-the-middle attacks or lock owners out of their own routers.
CERT advised affected users to check firmware through the router interface, disable remote web management and change the default LAN IP address while considering replacing aging hardware.