216.73.216.215

CVE-2026-27511

· Published 23/02/2026 17:23 · Modified 23/02/2026 20:16

Labels: CVE-2026-27511 2026-02-23CVE-2026-27511CWE-1021[email protected]

Essential information

Published
23/02/2026 17:23
Modified
23/02/2026 20:16
Author
Creator
CVSS
5.1 MEDIUM (v3) 5.1 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a clickjacking vulnerability in the web-based administrative interface. The interface does not set the X-Frame-Options header, allowing attacker-controlled sites to embed administrative pages in an iframe and trick an authenticated administrator into unintended interactions that may result in unauthorized configuration changes.

NVD status

Status
Analyzed — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
tenda / f3 firmware cpe:2.3:o:tenda:f3_firmware:*:*:*:*:*:*:*:*
tenda / f3 cpe:2.3:h:tenda:f3:-:*:*:*:*:*:*:*

References