CVE-2026-27514 - Tenda F3 Plaintext Credential Exposure in Configuration Download

CVE ID : CVE-2026-27514 Published : Feb. 23, 2026, 5:23 p.m. | 51 minutes ago Description : Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a sensitive information exposure vulnerability in the configuration download functionality. The configuration download response includes the router password and administrative password in plaintext. The endpoint also omits appropriate Cache-Control directives, which can allow the response to be stored in client-side caches and recovered by other local users or processes with access to cached browser data. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...