Vulnerability Details CVE-2026-27514
Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a sensitive information exposure vulnerability in the configuration download functionality. The configuration download response includes the router password and administrative password in plaintext. The endpoint also omits appropriate Cache-Control directives, which can allow the response to be stored in client-side caches and recovered by other local users or processes with access to cached browser data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.0%
CVSS Severity
CVSS v3 Score 6.5
References
Products affected by CVE-2026-27514
-
cpe:2.3:h:tenda:f3:-
-
cpe:2.3:o:tenda:f3_firmware:12.01.01.48