{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5527", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-04T06:20:03.869Z", "datePublished": "2026-04-04T23:15:12.490Z", "dateUpdated": "2026-04-06T13:25:49.224Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-04T23:15:12.490Z"}, "title": "Tenda 4G03 Pro ECDSA P-256 Private Key server.key hard-coded key", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-321", "lang": "en", "description": "Use of Hard-coded Cryptographic Key"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-320", "lang": "en", "description": "Key Management Error"}]}], "affected": [{"vendor": "Tenda", "product": "4G03 Pro", "versions": [{"version": "1.0", "status": "affected"}, {"version": "1.0re", "status": "affected"}, {"version": "01.bin", "status": "affected"}, {"version": "04.03.01.53", "status": "affected"}], "modules": ["ECDSA P-256 Private Key Handler"]}], "descriptions": [{"lang": "en", "value": "A weakness has been identified in Tenda 4G03 Pro 1.0/1.0re/01.bin/04.03.01.53. Affected by this issue is some unknown functionality of the file /etc/www/pem/server.key of the component ECDSA P-256 Private Key Handler. This manipulation causes use of hard-coded cryptographic key\r . It is possible to initiate the attack remotely."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:W/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:W/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N/E:POC/RL:W/RC:UR"}}], "timeline": [{"time": "2026-04-04T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-04T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-04T08:25:13.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "CoreNode (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB Vulnerability Moderation Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/355280", "name": "VDB-355280 | Tenda 4G03 Pro ECDSA P-256 Private Key server.key hard-coded key", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/vuln/355280/cti", "name": "VDB-355280 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/782053", "name": "Submit #782053 | Tenda 4G03 Pro V1.0 V04.03.01.53 Cryptographic Issues", "tags": ["third-party-advisory"]}, {"url": "https://www.tenda.com.cn/", "tags": ["product"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-06T13:25:37.832426Z", "id": "CVE-2026-5527", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T13:25:49.224Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-5527", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-06T13:25:37.832426Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T13:25:43.313Z"}}], "cna": {"title": "Tenda 4G03 Pro ECDSA P-256 Private Key server.key hard-coded key", "credits": [{"lang": "en", "type": "reporter", "value": "CoreNode (VulDB User)"}, {"lang": "en", "type": "coordinator", "value": "VulDB Vulnerability Moderation Team"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:W/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:W/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N/E:POC/RL:W/RC:UR"}}], "affected": [{"vendor": "Tenda", "modules": ["ECDSA P-256 Private Key Handler"], "product": "4G03 Pro", "versions": [{"status": "affected", "version": "1.0"}, {"status": "affected", "version": "1.0re"}, {"status": "affected", "version": "01.bin"}, {"status": "affected", "version": "04.03.01.53"}]}], "timeline": [{"lang": "en", "time": "2026-04-04T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-04-04T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-04-04T08:25:13.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/355280", "name": "VDB-355280 | Tenda 4G03 Pro ECDSA P-256 Private Key server.key hard-coded key", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/vuln/355280/cti", "name": "VDB-355280 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/782053", "name": "Submit #782053 | Tenda 4G03 Pro V1.0 V04.03.01.53 Cryptographic Issues", "tags": ["third-party-advisory"]}, {"url": "https://www.tenda.com.cn/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A weakness has been identified in Tenda 4G03 Pro 1.0/1.0re/01.bin/04.03.01.53. Affected by this issue is some unknown functionality of the file /etc/www/pem/server.key of the component ECDSA P-256 Private Key Handler. This manipulation causes use of hard-coded cryptographic key\r . It is possible to initiate the attack remotely."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-321", "description": "Use of Hard-coded Cryptographic Key"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-320", "description": "Key Management Error"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-04T23:15:12.490Z"}}}, "cveMetadata": {"cveId": "CVE-2026-5527", "state": "PUBLISHED", "dateUpdated": "2026-04-06T13:25:49.224Z", "dateReserved": "2026-04-04T06:20:03.869Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-04-04T23:15:12.490Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A weakness has been identified in Tenda 4G03 Pro 1.0/1.0re/01.bin/04.03.01.53. Affected by this issue is some unknown functionality of the file /etc/www/pem/server.key of the component ECDSA P-256 Private Key Handler. This manipulation causes use of hard-coded cryptographic key\r . It is possible to initiate the attack remotely."}], "id": "CVE-2026-5527", "lastModified": "2026-04-07T13:20:55.200", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-05T00:16:03.120", "references": [{"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/782053"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/355280"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/355280/cti"}, {"source": "cna@vuldb.com", "url": "https://www.tenda.com.cn/"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-320"}, {"lang": "en", "value": "CWE-321"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.0re"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "01.bin"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "04.03.01.53"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "4G03 Pro", "source": "cna", "vendor": "Tenda"}, "product": "4g03_pro", "vendor": "tenda"}], "analysis": {"en": {"generated_at": "2026-04-05T02:21:08.209220+00:00", "value": {"mitigation_remediation": ["Verify the firmware version on each router and confirm it matches one of the listed affected releases.", "Download and install the latest firmware from Tenda that removes the hard\u2011coded ECDSA key."], "summary": {"action": "Patch", "impact": "Use of a hard\u2011coded ECDSA P\u2011256 private key exposes the device to spoofing and certificate forgery, compromising authentication of TLS sessions."}, "threat_synthesis": {"affected_systems": "All Tenda 4G03\u202fPro routers running the affected firmware versions are impacted. The vulnerability is listed by the vendor Tenda and documented for those specific releases.", "description_and_impact": "The vulnerability resides in Tenda 4G03\u202fPro firmware versions 1.0, 1.0re, 01.bin, and 04.03.01.53, where the ECDSA P\u2011256 private key is hard\u2011coded in /etc/www/pem/server.key. This allows an attacker to obtain the key or replace the key file, enabling the attacker to impersonate the device in TLS connections, forge certificates, and undermine the integrity of encrypted traffic. The impact is primarily on authentication and confidentiality of communications with the device.", "risk_and_exploitability": "The CVSS score of 6.9 indicates a medium severity weakness. EPSS information is not available and the vulnerability is not in the KEV catalog, suggesting no widespread public exploit yet. Remote exploitation is possible as the flaw is related to the web administration component and the key file can be accessed over the network. An attacker with network reach to the device could read or replace the static key, then use it to forge TLS certificates or gain unauthorized access."}}}}, "created": "2026-04-06T20:26:53.098072+00:00", "updated": "2026-04-06T21:57:28.069468+00:00", "vendors": ["tenda", "tenda$PRODUCT$4g03_pro"]}