CERT/CC has warned that several Tenda router firmware versions contain an undocumented authentication backdoor that grants full administrative access to the web management interface. Tracked as CVE-2026-11405, the flaw lives in the login function of the router's web server: if normal password checking fails, the firmware compares the supplied password against a hidden value stored in the device configuration and, on a match, grants admin access regardless of the username. It affects models including the FH1201, W15E, AC10, AC5, and AC6, is baked into the firmware, and cannot be disabled from the interface. Tenda has not responded, so there is no fix, and public exploit tooling is already scanning for vulnerable devices.