Skip to main content

Tenda AC18 Firmware CVE-2025-8182

LOW
Weak Password Requirements (CWE-521)
2025-07-26 cna@vuldb.com
2.9
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.9 LOW
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Apr 29, 2026 - 01:48 vuln.today

DescriptionCVE.org

A vulnerability has been found in Tenda AC18 15.03.05.19 and classified as problematic. This vulnerability affects unknown code of the file /etc_ro/smb.conf of the component Samba. The manipulation leads to weak password requirements. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

AnalysisAI

Weak password requirements in Tenda AC18 firmware version 15.03.05.19 allow remote attackers to conduct brute-force attacks against Samba authentication via the /etc_ro/smb.conf configuration file. The vulnerability requires high attack complexity and has been publicly disclosed, though exploitation difficulty remains elevated. CVSS 2.9 and EPSS 0.07% (20th percentile) indicate low real-world risk despite proof-of-concept availability.

Technical ContextAI

The vulnerability resides in the Samba file-sharing service configuration as exposed through the Tenda AC18 router's web interface or file system. Samba uses smb.conf to define password policies and authentication constraints. CWE-521 (Weak Password Requirements) indicates insufficient password complexity enforcement, validation, or policy restrictions within the Samba daemon's configuration. The affected CPE (cpe:2.3:o:tenda:ac18_firmware:15.03.05.19) specifies the exact firmware version where this misconfiguration exists. Remote network access to the Samba service, combined with weak credential enforcement, enables enumeration and brute-force attacks that would be infeasible against properly configured systems.

RemediationAI

Upgrade Tenda AC18 firmware to a version newer than 15.03.05.19 if available from Tenda's official support channels (https://www.tenda.com.cn/). Verify the patched firmware version on the Tenda product page or contact Tenda support for release notes confirming CWE-521 remediation. If no patched firmware is available for your device model, implement network-level compensating controls: restrict network access to the Samba service (TCP/UDP port 139, 445) using router firewall rules or network segmentation, allowing only trusted internal clients; disable SMB sharing entirely if not required for functionality; enable account lockout policies if the firmware's Samba configuration permits (modify smb.conf password policies manually if accessible). Monitor Samba logs for repeated authentication failures as an indicator of brute-force attempts. Note that firmware upgrades may reset configuration, so document current Samba settings before patching.

CVE-2012-2441 HIGH POC
8.5 Apr 28

RuggedCom Rugged Operating System (ROS) before 3.3 has a factory account with a password derived from the MAC Address fi

CVE-2024-42850 CRITICAL POC
9.8 Aug 16

An issue in the password change function of Silverpeas v6.4.2 and lower allows for the bypassing of password complexity

CVE-2025-28200 CRITICAL POC
9.8 May 09

Victure RX1800 EN_V1.0.0_r12_110933 was discovered to utilize a weak default password which includes the last 8 digits o

CVE-2025-28389 CRITICAL POC
9.8 Jun 13

Critical authentication bypass vulnerability in OpenC3 COSMOS v6.0.0 caused by weak password requirements that enable br

CVE-2025-63747 CRITICAL POC
9.8 Nov 17

QaTraq 6.9.2 ships with administrative account credentials which are enabled in default installations and permit immedia

CVE-2023-37756 CRITICAL POC
9.8 Sep 14

I-doit pro 25 and below and I-doit open 25 and below employ weak password requirements for Administrator account creatio

CVE-2023-2160 CRITICAL POC
9.8 Apr 18

Weak Password Requirements in GitHub repository modoboa/modoboa prior to 2.1.0. Rated critical severity (CVSS 9.8), this

CVE-2023-2106 CRITICAL POC
9.8 Apr 15

Weak Password Requirements in GitHub repository janeczku/calibre-web prior to 0.6.20. Rated critical severity (CVSS 9.8)

CVE-2023-1753 CRITICAL POC
9.8 Mar 31

Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.12. Rated critical severity (CVSS 9.8), t

CVE-2022-44236 CRITICAL POC
9.8 Dec 15

Beijing Zed-3 Technologies Co.,Ltd VoIP simpliclty ASG 8.5.0.17807 (20181130-16:12) has a Weak password vulnerability. R

CVE-2022-3754 CRITICAL POC
9.8 Oct 29

Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.8. Rated critical severity (CVSS 9.8), th

CVE-2022-3268 CRITICAL POC
9.8 Sep 22

Weak Password Requirements in GitHub repository ikus060/minarca prior to 4.2.2. Rated critical severity (CVSS 9.8), this

Share

CVE-2025-8182 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy