CVE-2026-24427

Name of the Vulnerable Software and Affected Versions Shenzhen Tenda AC7 firmware versions prior to V03.03.03.01 cn

Description The firmware for Shenzhen Tenda AC7 devices up to version V03.03.03.01 cn reveals sensitive information within web management responses. This includes administrative credentials, such as the router and admin panel password, being present in plaintext within configuration response bodies. Furthermore, the responses do not include appropriate Cache-Control directives, potentially allowing web browsers to cache pages containing these credentials, which could lead to disclosure if an attacker gains access to the client system or browser profile.

Recommendations Update to a firmware version newer than V03.03.03.01 cn.