CNNVD-202602-262 Information

CNNVD ID

CNNVD-202602-262

Related CVE

CVE-2026-24434

• CNNVD Published: 2026-02-03

Description (Chinese)

Tenda AC7是中国腾达（Tenda）公司的一款无线路由器。 Tenda AC7 V03.03.03.01_cn及之前版本存在跨站请求伪造漏洞，该漏洞源于Web管理界面未实施CSRF保护，可能导致修改路由器设置。

Description (English)

Tenda AC7 is a wireless router of Tenda, China. Tenda AC7 V03.03.01 cn and previous versions have a false gap in cross-site requests, which stems from the failure of the CSRF protection in the Web management interface and may lead to changes in router settings.

Hazard Level

High

Vulnerability Type

跨站请求伪造

Affected Vendor

腾达

Published

2026-02-03

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/tenda-ac7-web-interface-lacks-csrf-protections-for-admin-actions https://www.tendacn.com/product/AC7 https://access.redhat.com/security/cve/cve-2026-24434