CVE-2025-11666
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-13

Last updated on: 2026-04-29

Assigner: VulDB

Description
A flaw has been found in Tenda RP3 Pro up to 22.5.7.93. This impacts an unknown function of the file force_upgrade.sh of the component Firmware Update Handler. Executing manipulation of the argument current_force_upgrade_pwd can lead to use of hard-coded password. The attack can only be executed locally. The exploit has been published and may be used.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-13
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2025-10-13
EPSS Evaluated
2026-06-15
NVD
CVE-2025-11666
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
tenda rp3_pro *
tenda rp3_pro 22.5.7.93
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-259 The product contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.
CWE-255
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a flaw in the Tenda RP3 Pro router's firmware update process, specifically in the script force_upgrade.sh. It involves a hard-coded password used for authentication during firmware updates. An attacker with local access can manipulate the argument current_force_upgrade_pwd to exploit this hard-coded password, bypassing authentication. This allows them to potentially upload malicious firmware or execute arbitrary code on the device. [2, 3]

Impact Analysis

Exploiting this vulnerability can compromise the confidentiality, integrity, and availability of the affected router. An attacker with local access can bypass authentication to upload malicious firmware, which may lead to arbitrary code execution or denial of service. This can result in unauthorized control over the device, disruption of network services, and potential exposure of sensitive data. [2, 3]

Detection Guidance

Detection of this vulnerability requires local access to the Tenda RP3 Pro device. Since the flaw is in the force_upgrade.sh script involving a hard-coded password, detection can involve checking the firmware version (to see if it is between 22.5.7.0 and 22.5.7.93) and inspecting the force_upgrade.sh script for the presence of the hard-coded password 'Td2N3ww1.0_tenda_force_upgrade'. Commands to check firmware version might include router-specific commands or accessing the device's firmware information via its management interface. However, no specific detection commands are provided in the available resources. [2, 3]

Mitigation Strategies

Immediate mitigation steps include restricting local access to the device to prevent exploitation, as the attack requires local environment access. Since no known countermeasures or patches are published, it is recommended to replace the affected product with an alternative device or firmware version not affected by this vulnerability. Monitoring for unauthorized firmware updates and disabling unnecessary local access methods may also help reduce risk. [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-11666. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart