Security Advisory

CVE-2025-11666

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-13 07:02:07

Last updated 2025-10-14 15:03:06

Assigner VulDB

State PUBLISHED

Description

A flaw has been found in Tenda RP3 Pro up to 22.5.7.93. This impacts an unknown function of the file force_upgrade.sh of the component Firmware Update Handler. Executing manipulation of the argument current_force_upgrade_pwd can lead to use of hard-coded password. The attack can only be executed locally. The exploit has been published and may be used.

← Browse all CVEs View on cve.org ↗