Security Advisory

CVE-2026-27514

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-23 16:27:38
Last updated 2026-05-11 23:11:27
Assigner VulnCheck
State PUBLISHED

Description

Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a sensitive information exposure vulnerability in the configuration download functionality. The configuration download response includes the router password and administrative password in plaintext. The endpoint also omits appropriate Cache-Control directives, which can allow the response to be stored in client-side caches and recovered by other local users or processes with access to cached browser data.