<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-08T17:21:08.975655+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/82e8d91e-367b-403c-9659-ae491bf72a9c/export</id>
    <title>82e8d91e-367b-403c-9659-ae491bf72a9c</title>
    <updated>2026-07-08T17:21:09.004683+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "82e8d91e-367b-403c-9659-ae491bf72a9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11405", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq5cc7qxcu2h", "content": "CVE-2026-11405 - firmware\nThe Apache HTTP Server has a hidden login backdoor that allows anyone to gain admin access by entering the correct password. This backdoor is not protected by a username, so any\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#firmware #tenda #CVE #infosec", "creation_timestamp": "2026-07-08T14:10:04.757799Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/82e8d91e-367b-403c-9659-ae491bf72a9c/export"/>
    <published>2026-07-08T14:10:04.757799+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/1af6fd99-29d5-428a-b8bc-b3eafe849c77/export</id>
    <title>1af6fd99-29d5-428a-b8bc-b3eafe849c77</title>
    <updated>2026-07-08T17:21:09.006500+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "1af6fd99-29d5-428a-b8bc-b3eafe849c77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11405", "type": "seen", "source": "https://bsky.app/profile/pixelsandpulse.bsky.social/post/3mq4yiik34i2x", "content": "Heads up, Tenda router users! A critical firmware flaw (CVE-2026-11405) acts as a hardcoded backdoor, granting full admin access to anyone with the secret password. Tenda is unresponsive, so you need to act: disable remote web\u2026\n\nhttps://www.tpp.blog/qbatp8a\n\n#cybersecurity #tenda #firmware", "creation_timestamp": "2026-07-08T11:14:38.784860Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/1af6fd99-29d5-428a-b8bc-b3eafe849c77/export"/>
    <published>2026-07-08T11:14:38.784860+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/78f12940-de58-43fd-9cf7-8ec16d49e60d/export</id>
    <title>78f12940-de58-43fd-9cf7-8ec16d49e60d</title>
    <updated>2026-07-08T17:21:09.006637+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "78f12940-de58-43fd-9cf7-8ec16d49e60d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11405", "type": "seen", "source": "https://bsky.app/profile/hn-frontpage-bot.bsky.social/post/3mq4faxiw3n2s", "content": "Multiple Tenda router models contain an undocumented authentication backdoor, tracked as CVE-2026-11405, allowing attackers to bypass password checks for full administrative access. As no patch exists, users should disable remote management to mitigate risks.", "creation_timestamp": "2026-07-08T05:30:23.890232Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/78f12940-de58-43fd-9cf7-8ec16d49e60d/export"/>
    <published>2026-07-08T05:30:23.890232+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f7e41a2e-1cb8-4be7-be04-771820b71313/export</id>
    <title>f7e41a2e-1cb8-4be7-be04-771820b71313</title>
    <updated>2026-07-08T17:21:09.006745+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f7e41a2e-1cb8-4be7-be04-771820b71313", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11405", "type": "seen", "source": "https://bsky.app/profile/iberianm.bsky.social/post/3mq4a7we3t42s", "content": "Tenda router firmware has an undocumented admin backdoor (CVE-2026-11405) in some releases. Check for affected firmware and update to fixed versions. #Cybersecurity #Vulnerability #IdentitySecurity\n\nSource: https://thehackernews.com/2026/07/certcc-warns-of-hidden-admin-backdoor.html", "creation_timestamp": "2026-07-08T04:00:20.966186Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f7e41a2e-1cb8-4be7-be04-771820b71313/export"/>
    <published>2026-07-08T04:00:20.966186+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3f663e74-137d-4bcd-b7fc-2d5475fbf558/export</id>
    <title>3f663e74-137d-4bcd-b7fc-2d5475fbf558</title>
    <updated>2026-07-08T17:21:09.006842+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3f663e74-137d-4bcd-b7fc-2d5475fbf558", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11405", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mq43qk72d62d", "content": "\ud83d\udcf0 Backdoor Tersembunyi Ditemukan di Firmware Router Tenda, Bisa Berikan Akses Admin Tanpa Kredensial\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/07/08/backdoor-firmware-router-tenda-cve-2026-11405/\n\n#cve #cve-2026-11405 #cybersecurity #firmware #jaringan #keamananSiber #network", "creation_timestamp": "2026-07-08T02:40:09.374763Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3f663e74-137d-4bcd-b7fc-2d5475fbf558/export"/>
    <published>2026-07-08T02:40:09.374763+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/842edad1-bbec-4739-8ec3-38842b8239b7/export</id>
    <title>842edad1-bbec-4739-8ec3-38842b8239b7</title>
    <updated>2026-07-08T17:21:09.006947+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "842edad1-bbec-4739-8ec3-38842b8239b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11405", "type": "seen", "source": "https://thehackernews.com/2026/07/certcc-warns-of-hidden-admin-backdoor.html", "content": "Several versions of firmware released by Chinese network device manufacturer Tenda have been found to embed an undocumented authentication backdoor that enables administrative access to the devices' web management interfaces, the CERT Coordination Center (CERT/CC) warned Monday.\n\n\"An attacker can exploit this vulnerability, tracked as CVE-2026-11405, to bypass the password verification process", "creation_timestamp": "2026-07-08T01:00:53.958215Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/842edad1-bbec-4739-8ec3-38842b8239b7/export"/>
    <published>2026-07-08T01:00:53.958215+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a933d473-7626-460a-8cfd-1986f768240a/export</id>
    <title>a933d473-7626-460a-8cfd-1986f768240a</title>
    <updated>2026-07-08T17:21:09.007046+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a933d473-7626-460a-8cfd-1986f768240a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11405", "type": "seen", "source": "https://bsky.app/profile/iberianm.bsky.social/post/3mq3ffmr5dj22", "content": "Tenda router firmware: CERT/CC warns of hidden admin backdoor (CVE-2026-11405). Check your model/firmware for affected versions and update imm\u2026 #Cybersecurity #Vulnerability #IdentitySecurity\n\nSource: https://threatbeat.com/adversaries/cert-cc-warns-of-hidden-admin-backdoor-in-tenda-router-firmware/", "creation_timestamp": "2026-07-07T20:00:21.956184Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a933d473-7626-460a-8cfd-1986f768240a/export"/>
    <published>2026-07-07T20:00:21.956184+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/12f33d1a-9677-4456-880e-c2fc52dc7fbd/export</id>
    <title>12f33d1a-9677-4456-880e-c2fc52dc7fbd</title>
    <updated>2026-07-08T17:21:09.007147+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "12f33d1a-9677-4456-880e-c2fc52dc7fbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11405", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mq3ekurolb2s", "content": "Hidden backdoor in Tenda router firmware can grant admin access after a failed login, using a special plaintext password. CVE-2026-11405 affects multiple models. #Tenda #CVE202611405 #CERTCC", "creation_timestamp": "2026-07-07T19:45:23.481822Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/12f33d1a-9677-4456-880e-c2fc52dc7fbd/export"/>
    <published>2026-07-07T19:45:23.481822+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/59e6667d-cccd-469d-b47d-bb3d2e46c3ef/export</id>
    <title>59e6667d-cccd-469d-b47d-bb3d2e46c3ef</title>
    <updated>2026-07-08T17:21:09.007250+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "59e6667d-cccd-469d-b47d-bb3d2e46c3ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11405", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/116879305053736895", "content": "\u203c\ufe0f New Dark Web Informer Blog Post!\nTitle: When the Password Check Fails, You're In: The Hidden Admin Backdoor in Tenda Router Firmware (CVE-2026-11405)\nLink: https://darkwebinformer.com/when-the-password-check-fails-youre-in-the-hidden-admin-backdoor-in-tenda-router-firmware-cve-2026-11405/", "creation_timestamp": "2026-07-07T15:04:22.054924Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/59e6667d-cccd-469d-b47d-bb3d2e46c3ef/export"/>
    <published>2026-07-07T15:04:22.054924+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/fd4458bd-8b09-43c6-9be0-ac69ac217d0b/export</id>
    <title>fd4458bd-8b09-43c6-9be0-ac69ac217d0b</title>
    <updated>2026-07-08T17:21:09.007347+00:00</updated>
    <author>
      <name>Cédric Bonhomme</name>
      <uri>https://cve.circl.lu/user/cedric</uri>
    </author>
    <content>{"uuid": "fd4458bd-8b09-43c6-9be0-ac69ac217d0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2026-11405", "type": "seen", "source": "https://thehackernews.com/2026/07/certcc-warns-of-hidden-admin-backdoor.html", "content": "", "creation_timestamp": "2026-07-07T09:47:19.524240Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/fd4458bd-8b09-43c6-9be0-ac69ac217d0b/export"/>
    <published>2026-07-07T09:47:19.524240+00:00</published>
  </entry>
</feed>
