CNNVD-202602-297 Information

CNNVD ID

CNNVD-202602-297

Related CVE

CVE-2026-24426

• CNNVD Published: 2026-02-03

Description (Chinese)

Tenda AC7是中国腾达（Tenda）公司的一款无线路由器。 Tenda AC7 V03.03.03.01_cn及之前版本存在跨站脚本漏洞，该漏洞源于Web管理界面存在输出编码不当，可能导致在受害者浏览器环境中注入任意HTML或JavaScript。

Description (English)

Tenda AC7 is a wireless router of Tenda, China. Tenda AC7 V03.03.01 cn and previous versions had a cross-site script loophole, which stemmed from inappropriate output coding in the Web management interface, which could lead to the injection of any type of HTML or JavaScript in the victim browser environment.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

腾达

Published

2026-02-03

Last Modified

2026-02-24

References

https://www.tendacn.com/product/AC7 https://www.vulncheck.com/advisories/tenda-ac7-reflected-xss-via-web-interface-output-encoding https://access.redhat.com/security/cve/cve-2026-24426