CVE-2026-1610HIGH 8.1EPSS p47.3%

CVE-2026-1610CVE-2026-1610

Description

A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24_cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed for the attack. The exploitation is known to be difficult. The exploit has been made public and could be used.

Scoring

CVSS 3.18.1 (HIGH)
VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.67% probability of exploitation · percentile 47.3% · 2026-06-19T12:03:05Z
Published2026-01-29
Last modified2026-02-27

Underlying weaknesses· 2

CWE-259CWE-798

References

  1. https://github.com/QIU-DIE/CVE/issues/49
  2. https://vuldb.com/?ctiid.343378
  3. https://vuldb.com/?id.343378
  4. https://vuldb.com/?submit.740766
  5. https://www.tenda.com.cn/

2

TypeTargetConfidenceTier
WeaknessUse of Hard-coded Passwordcwe-2590%live
WeaknessUse of Hard-coded Credentialscwe-7980%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-46627
CVE
CVE-2026-4252
CVE
CVE-2025-25632
CVE
CVE-2026-6989
CVE
CVE-2026-11503
CVE
CVE-2025-46625
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.