CVE-2026-1610 identifies a critical security vulnerability in the Tenda AX12 Pro V2 router firmware version 16.03.49.24_cn. The issue arises from hard-coded credentials embedded within the Telnet service component of the device. These hard-coded credentials enable an attacker to remotely access the device without requiring authentication or user interaction. The vulnerability affects confidentiality, integrity, and availability by potentially allowing attackers to execute arbitrary commands, alter configurations, or disrupt network services. Exploitation complexity is high, indicating that a skilled attacker is required to leverage this flaw effectively. Although no active exploits have been observed in the wild, the public disclosure of exploit code increases the likelihood of future attacks. The Telnet service, often enabled by default or left active inadvertently, broadens the attack surface. The vulnerability is particularly concerning because it does not require prior authentication or user interaction, allowing remote attackers to gain privileged access. The CVSS 4.0 base score of 9.2 reflects the critical nature of this vulnerability, with attack vector being network-based and no privileges or user interaction needed. The scope is limited to the affected firmware version and product, but given the popularity of Tenda routers in various global markets, the potential impact is significant. No official patch links are currently available, emphasizing the need for immediate mitigation steps by users and administrators.

The impact of CVE-2026-1610 is substantial for organizations and individuals using the Tenda AX12 Pro V2 router with the affected firmware. Successful exploitation can lead to full compromise of the device, allowing attackers to intercept, manipulate, or disrupt network traffic, potentially leading to data breaches, unauthorized network access, and lateral movement within internal networks. The confidentiality of sensitive information passing through the router is at risk, as is the integrity of network configurations and the availability of network services. For businesses, this could mean exposure of proprietary data, disruption of operations, and damage to reputation. For home users, it could result in privacy violations and unauthorized use of internet resources. The difficulty of exploitation reduces the immediate risk but does not eliminate it, especially as exploit code is publicly available. The lack of authentication and user interaction requirements means attackers can attempt exploitation remotely without alerting users. The absence of patches increases the window of vulnerability, making proactive mitigation critical. Overall, the vulnerability poses a critical threat to network security wherever the affected device and firmware are deployed.

1. Immediately check for and apply any firmware updates released by Tenda addressing CVE-2026-1610. 2. If no patch is available, disable the Telnet service on the Tenda AX12 Pro V2 router to eliminate the attack vector. 3. Restrict remote management access to the router by disabling WAN-side administration or limiting access to trusted IP addresses. 4. Implement network segmentation to isolate the router and critical network assets, reducing the potential impact of compromise. 5. Monitor network traffic for unusual Telnet connection attempts or other suspicious activity targeting the router. 6. Replace affected devices with models from vendors with a stronger security track record if patching or disabling Telnet is not feasible. 7. Educate users and administrators about the risks of hard-coded credentials and the importance of disabling legacy services like Telnet. 8. Employ intrusion detection/prevention systems (IDS/IPS) tuned to detect exploitation attempts targeting this vulnerability. 9. Regularly audit router configurations to ensure no unauthorized changes have been made. 10. Maintain an incident response plan to quickly address any detected compromise related to this vulnerability.