CVE-2026-10045 | THREATINT

Description

Shenzhen Kangda Xin Intelligent Network Technology Company's router, model DR300, version 2.1.2.121, contains hardcoded login credentials and has telnet enabled by default on WAN and LAN interfaces. These vulnerabilities allow attackers to read and write to memory, modify firmware stored in flash, inspect active connections, and view currently connected devices.

PUBLISHED Reserved 2026-05-28 | Published 2026-06-09 | Updated 2026-06-09 | Assigner certcc

Problem types

CWE-798 Use of Hard-coded Credentials

CWE-319 Cleartext Transmission of Sensitive Information

CWE-1188 Insecure Default Initialization of Resource

Product status

2.1.2.121

affected

References

rubenabreu.xyz/post/temu-routers-and-their-implications exploit

rubenabreu.xyz/post/temu-routers-and-their-implications

cve.org (CVE-2026-10045)

nvd.nist.gov (CVE-2026-10045)

Download JSON