Tenda AC8 Calculated Root Password Vulnerability Allowing Unauthorized Access

Vulnerability

A vulnerability exists in the Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router, in firmware version 16.03.33.05 and earlier. The root password is generated from a static string combined with the last two octets of the device's MAC address. Because the password is predictable, an unauthenticated attacker can gain administrative access by authenticating to network services on the device.

Impact

Exploitation of this vulnerability allows for unauthorized authentication as the root user, potentially leading to full administrative access on the device. This could include executing arbitrary commands or accessing the physical UART interface.

Remediation

Tenda has not provided any firmware updates for this router since February 2023, and the product is no longer supported. Users are advised to replace the device with a currently supported model. As a temporary measure, remote access services such as Telnet and SSH should be disabled.
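To confirm the temporary measure took effect, the following added example (not part of the advisory or any Tenda tooling) probes the router for Telnet and SSH and reports whether either still accepts connections. It assumes the services use their standard TCP ports 23 and 22, which the advisory does not state, and takes the router address from the operator.

```python
import socket
import sys

# Assumption: the services listen on their standard TCP ports.
SERVICES = {"telnet": 23, "ssh": 22}

def probe(host, port, timeout=2.0):
    """Return (state, banner): open, closed (refused) or filtered (no answer)."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            try:
                banner = s.recv(64)
            except OSError:  # includes a read timeout
                banner = b""
            return "open", banner
    except ConnectionRefusedError:
        return "closed", b""
    except OSError:  # timeout or unreachable
        return "filtered", b""

def classify(banner):
    """Guess the protocol from the first bytes the service sends."""
    if banner.startswith(b"SSH-"):
        return "ssh"
    if banner[:1] == b"\xff":  # Telnet negotiation starts with IAC (0xFF)
        return "telnet"
    return "unknown"

def audit(host, services=SERVICES, timeout=2.0):
    """Return {name: (port, state, detected_protocol_or_None)}."""
    report = {}
    for name, port in services.items():
        state, banner = probe(host, port, timeout)
        report[name] = (port, state, classify(banner) if state == "open" else None)
    return report

def mitigated(report):
    """True only when neither service accepts connections."""
    return all(state != "open" for _, state, _ in report.values())

if __name__ == "__main__":
    host = sys.argv[1]  # router LAN address, supplied by the operator
    result = audit(host)
    for name, (port, state, detected) in result.items():
        print(f"{name:6} tcp/{port:<5} {state:8} {detected or ''}")
    sys.exit(0 if mitigated(result) else 1)
```

Run it from a host on the router's LAN; a non-zero exit status means at least one of the two services is still reachable.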

Added: Aug 28, 2025, 3:22 PM
Updated: Aug 28, 2025, 3:22 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 7.5
exploitability: 8.4
remediation: 0.0
relevance: 0.4
threat: 6.4
urgency: 2.9
incentive: 5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.