CVE-2026-2148 - Vulnerability Details

- Tenda AC21 Web Management DownloadFlash information disclosure

Description

A security vulnerability has been detected in Tenda AC21 16.03.08.16. Affected is an unknown function of the file /cgi-bin/DownloadFlash of the component Web Management Interface. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.

Published: 2026-02-08

Score: 6.9 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability resides in an undisclosed function of the /cgi-bin/DownloadFlash script within the Tenda AC21 web management interface. Exploiting this flaw allows an attacker to gather sensitive information from the device without proper authorization, representing a confidentiality breach covered by CWE-200 and CWE-284. The impact is limited to disclosure of configuration and internal data and does not directly alter system integrity or availability.

Affected Systems

Tenda AC21 routers running firmware version 16.03.08.16 are affected. The issue is confined to the web management component of this model and does not extend to other Tenda products or firmware revisions.

Risk and Exploitability

The vulnerability has a CVSS score of 6.9, indicating moderate severity. EPSS is reported as less than 1 percent, suggesting a low probability of exploitation in the wild, and the issue is not listed in the CISA KEV catalog. Nevertheless, the flaw is publicly disclosed and can be triggered remotely through the web interface, allowing attackers to perform information disclosure without local access or authentication, thereby presenting a tangible risk for administrators who expose the router to external networks.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Tenda

AC21

affected

Version	Status	Constraints
`16.03.08.16`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:tenda:ac21_firmware:16.03.08.16:*:*:*:*:*:*:*

cpe:2.3:h:tenda:ac21:-:*:*:*:*:*:*:*

No data.

Vendor	Product	Confidence	Versions
Tenda	Ac21	—	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Update the router to the latest firmware that mitigates the DownloadFlash vulnerability.
If an update is unavailable, block remote access to the /cgi-bin/DownloadFlash endpoint using firewall rules or disable the web management interface entirely.
Restrict administrative access to trusted internal networks and enforce strong authentication for all management sessions.

Generated by OpenCVE AI on April 17, 2026 at 21:55 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00022.

Exploitation poc

Automatable no

Technical Impact partial

References

Link	Providers
https://github.com/master-abc/cve/issues/27
https://vuldb.com/?ctiid.344850
https://vuldb.com/?id.344850
https://vuldb.com/?submit.747557
https://www.tenda.com.cn/

History

Mon, 23 Feb 2026 10:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:o:tenda:ac21_firmware::::::::

Tue, 10 Feb 2026 22:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 10 Feb 2026 19:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Tenda ac21 Firmware
CPEs		cpe:2.3:h:tenda:ac21:-:::::::* cpe:2.3:o:tenda:ac21_firmware:16.03.08.16:::::::*
Vendors & Products		Tenda ac21 Firmware

Mon, 09 Feb 2026 11:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Tenda Tenda ac21
Vendors & Products		Tenda Tenda ac21

Sun, 08 Feb 2026 11:00:00 +0000

Type	Values Removed	Values Added
Description		A security vulnerability has been detected in Tenda AC21 16.03.08.16. Affected is an unknown function of the file /cgi-bin/DownloadFlash of the component Web Management Interface. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.
Title		Tenda AC21 Web Management DownloadFlash information disclosure
Weaknesses		CWE-200 CWE-284
References		https://github.com/master-abc/cve/issues/27 https://vuldb.com/?ctiid.344850 https://vuldb.com/?id.344850 https://vuldb.com/?submit.747557 https://www.tenda.com.cn/
Metrics		cvssV2_0 `{'score': 5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:N/A:N/E:POC/RL:W/RC:UR'}` cvssV3_0 `{'score': 5.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:W/RC:R'}` cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:W/RC:R'}` cvssV4_0 `{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P'}`

Subscriptions

Tenda Ac21 Ac21 Firmware

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-02-08T10:32:08.524Z

Updated: 2026-02-23T09:40:55.973Z

Reserved: 2026-02-07T07:51:37.880Z

Link: CVE-2026-2148

Vulnrichment

Updated: 2026-02-10T21:20:38.235Z

NVD

Status : Analyzed

Published: 2026-02-08T11:15:51.800

Modified: 2026-02-10T18:51:48.687

Link: CVE-2026-2148

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T22:00:11Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Exploitation poc

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object