Description
Shenzhen Tenda AC7 firmware version V03.03.03.01_cn and prior expose account credentials in plaintext within HTTP responses, allowing an on-path attacker to obtain sensitive authentication material.
Published: 2026-02-03
Score: 8.2 High
EPSS: < 1% Very Low
KEV: No
Impact: Credential compromise via clear‑text HTTP exposure
Action: Immediate patch
AI Analysis

Impact

A flaw in the Shenzhen Tenda AC7 firmware V03.03.03.01_cn and earlier releases causes administrative usernames and passwords to appear in clear text within HTTP responses, thereby leaking credentials to anyone who observes the traffic. This credential exposure allows an attacker on the same network to obtain administrative access to the device, which could be used to examine or change device settings. The weakness is a clear‑text transmission issue (CWE‑319).

Affected Systems

Devices: Shenzhen Tenda Technology Co., Ltd. Tenda AC7 router, firmware version V03.03.03.01_cn and all earlier releases. The issue has been documented for the AC7 hardware line.

Risk and Exploitability

The vulnerability carries a CVSS v3.1 score of 8.2, indicating high severity. Exploit probability is reported as less than 1 %, suggesting active exploitation is currently uncommon, and the vulnerability is not listed in CISA’s KEV catalog. An attacker would need to passively intercept unencrypted HTTP traffic on the local network; no special privileges on the device are required. Successful interception yields the router’s administrative credentials, which could allow an attacker to gain unauthorized administrative access to the device. The likely attack vector is network sniffing on the local machine.

Generated by OpenCVE AI on April 18, 2026 at 00:06 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the router to the latest firmware that removes credential exposure
  • Disable the router’s HTTP interface or block port 80 so that no clear‑text traffic is served
  • Enable HTTPS or disable the device’s web administration over HTTP, ensuring encrypted management access
  • If a patch is not yet available, monitor the network for HTTP responses that may reveal username and password data as a temporary safeguard

Generated by OpenCVE AI on April 18, 2026 at 00:06 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 10 Feb 2026 14:15:00 +0000

Type Values Removed Values Added
First Time appeared Tenda ac7 Firmware
CPEs cpe:2.3:h:tenda:ac7:-:*:*:*:*:*:*:*
cpe:2.3:o:tenda:ac7_firmware:*:*:*:*:*:*:*:*
Vendors & Products Tenda ac7 Firmware
Metrics cvssV3_1

{'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N'}

Wed, 04 Feb 2026 12:15:00 +0000

Type Values Removed Values Added
First Time appeared Tenda
Tenda ac7
Vendors & Products Tenda
Tenda ac7

Tue, 03 Feb 2026 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 03 Feb 2026 19:45:00 +0000

Type Values Removed Values Added
Description Shenzhen Tenda AC7 firmware version V03.03.03.01_cn and prior expose account credentials in plaintext within HTTP responses, allowing an on-path attacker to obtain sensitive authentication material.
Title Tenda AC7 Transmits Admin Credentials Without HTTPS Protection
Weaknesses CWE-319
References
Metrics cvssV4_0

{'score': 8.2, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Tenda Ac7 Ac7 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-05T01:30:40.770Z

Reserved: 2026-01-22T20:23:19.804Z

Link: CVE-2026-24441

cve-icon Vulnrichment

Updated: 2026-02-03T21:13:51.828Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-03T20:15:58.663

Modified: 2026-02-10T14:10:35.380

Link: CVE-2026-24441

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T00:15:31Z

Weaknesses