CNNVD-202601-3411 Information

CNNVD ID

CNNVD-202601-3411

Related CVE

CVE-2021-47802

• CNNVD Published: 2026-01-21

Description (Chinese)

Tenda D301和Tenda D151都是中国腾达（Tenda）公司的产品。Tenda D301是一款无线路由器。Tenda D151是一个无线路由器。 Tenda D301和Tenda D151存在访问控制错误漏洞，该漏洞源于/goform/getimage端点存在未经身份验证的配置下载，可能导致检索包含管理员凭据的配置文件。

Description (English)

Tenda D301 and Tenda D151 are products of Tenda China. Tenda D301 is a wireless router. Tenda D151 is a wireless router. There is a bug in access control in Tenda D301 and Tenda D151, which stems from the unauthenticated configuration download at the /goform/getimage endpoint, which may lead to the retrieval of profiles containing certificates from administrators.

Hazard Level

Medium

Vulnerability Type

访问控制错误

Affected Vendor

腾达

Published

2026-01-21

Last Modified

2026-02-24

References

https://www.exploit-db.com/exploits/49782 https://www.tendacn.com/us/ https://www.vulncheck.com/advisories/tenda-d-d-configuration-download