CVE-2026-4252
Tenda · AC8
A vulnerability in the Tenda AC8 IPv6 Handler function allows remote attackers to bypass authentication by manipulating IPv6 address reliance.
Executive summary
A critical authentication bypass vulnerability in Tenda AC8 routers allows remote, unauthenticated attackers to gain unauthorized access to the device.
Vulnerability
This vulnerability exists in the check_is_ipv6 function of the IPv6 component, where improper handling of IP addresses allows for an authentication bypass. The flaw is remotely exploitable without requiring prior authentication.
Business impact
Successful exploitation allows an attacker to bypass authentication, potentially leading to full administrative control over the network device. Given the CVSS score of 9.8, this poses a severe risk of data interception, unauthorized network access, and potential pivot points into the internal local area network.
Remediation
Immediate Action: Update the Tenda AC8 firmware to the latest version provided by the manufacturer to patch the authentication logic.
Proactive Monitoring: Monitor network traffic for unusual IPv6-related activity and review administrative access logs for unauthorized login attempts.
Compensating Controls: If an update is unavailable, disable IPv6 functionality on the device and restrict management interfaces to trusted internal IP ranges.
Exploitation status
Public Exploit Available: Yes
Analyst recommendation
This vulnerability represents a critical security risk due to the ease of remote exploitation. Organizations using the affected Tenda AC8 devices should prioritize patching immediately or isolate the devices from external network access to prevent compromise.