CVE-2026-2148 | Tenda AC21 16.03.08.16 Web Management Interface /cgi-bin/DownloadFlash information disclosure

Inserito da Angelo Barbosa | Feb 7, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in Tenda AC21 16.03.08.16. Affected is an unknown function of the file /cgi-bin/DownloadFlash of the component Web Management Interface. The manipulation leads to information disclosure.

This vulnerability is traded as CVE-2026-2148. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

It is recommended to apply restrictive firewalling.

CVE-2026-2148 | Tenda AC21 16.03.08.16 Web Management Interface /cgi-bin/DownloadFlash information disclosure

Post correlati

CVE-2024-24972 | Gallagher Controller 6000/Controller 7000 Web Interface buffer overflow

CVE-2023-42134 | PAX Technology POS Terminal up to 11.1.45_20230314 USB backdoor

CVE-2025-53393 | Akka up to 2.10.6 Cluster Metrics deserialization

CVE-2025-22557 | WPMagic News Publisher Autopilot Plugin up to 2.1.4 on WordPress cross-site request forgery