Tenda F3 Wireless Router Sensitive Information Exposure Vulnerability

Vulnerability

A vulnerability allowing the exposure of sensitive information has been identified in the Tenda F3 wireless router, specifically in firmware version 12.01.01.55_multi. This vulnerability arises from the configuration download feature, which inadvertently includes the router password and administrative password in plaintext. Additionally, the endpoint fails to implement proper Cache-Control directives, potentially allowing the response to be stored in client-side caches and accessed by other local users or processes with permission to view cached browser data.

Impact

The vulnerability could lead to unauthorized access to the router's administrative functions by exposing plaintext credentials that could be intercepted and misused.

Added: Feb 23, 2026, 5:48 PM

Updated: Feb 23, 2026, 6:17 PM

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

3.3

exploitability

4.9

remediation

0.0

relevance

3.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

3.3

exploitability

4.9

remediation

0.0

relevance

3.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda F3 Wireless Router Sensitive Information Exposure Vulnerability

Vulnerability

Impact

Affected Products

Shenzhen Tenda F3

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating