Main Vulnerability Database Vulnerabilities #VU114326

#VU114326 Cleartext transmission of sensitive information in AC6 v5.0 AC1200 - CVE-2025-31143

Published: August 21, 2025

Vulnerability identifier: #VU114326

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2025-31143

CWE-ID: CWE-319

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vulnerable software:
AC6 v5.0 AC1200

Software vendor:
Shenzhen Tenda Technology Co.,Ltd.

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to software uses insecure communication channel to transmit sensitive information in the Tenda App Router Authentication functionality. A remote attacker with ability to intercept network traffic can gain access to sensitive data and bypass authentication on the target device.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2178

#VU114326 Cleartext transmission of sensitive information in AC6 v5.0 AC1200 - CVE-2025-31143

Description

Remediation

External links

Please verify you're human