Tenda Router Backdoor Grants Admin Access — No Patch Available
CERT/CC warns of CVE-2026-11405, an undocumented authentication backdoor in Tenda router firmware. The vendor remains unreachable with no fix in sight.
11 articles tagged with "Network Security"
CERT/CC warns of CVE-2026-11405, an undocumented authentication backdoor in Tenda router firmware. The vendor remains unreachable with no fix in sight.
CVE-2026-7473 lets attackers bypass tunnel security controls on Arista network devices. CISA added it to KEV—but Arista says patching would 'break existing configurations.'
Ubiquiti releases emergency patches for three maximum-severity vulnerabilities in UniFi OS that allow unauthenticated remote attackers to take full control of network appliances. 100,000 devices exposed.
CVE-2026-22557 lets unauthenticated attackers traverse paths and hijack UniFi Network accounts. CVSS 10.0 severity demands immediate patching to 10.1.89.
CVE-2026-23813 allows unauthenticated attackers to reset admin passwords on HPE Aruba AOS-CX switches. No exploitation seen yet, but patch immediately.
Binding Operational Directive 26-02 gives federal agencies 12-18 months to remove unsupported routers, firewalls, and switches from networks.
Inside the cyber command center protecting Super Bowl LX at Levi's Stadium, where Cisco deployed 1,500 Wi-Fi 7 access points and blocked 400,000+ threats before kickoff.
Independent testing confirms 99.3% IPS effectiveness and 99.8% malware detection for Cisco's unified routing and firewall platform.
Cisco patches CVE-2026-20029, an XML external entity vulnerability in Identity Services Engine with proof-of-concept exploit code already publicly available.
From Fortinet to SonicWall, authentication bypass vulnerabilities share common traits. Understanding these patterns helps security teams prioritize patching.
CACI wins task order to modernize classified and unclassified networks at all 14 U.S. Space Force bases, implementing zero trust architecture and cloud capabilities.