Unrated severityNVD Advisory· Published Jan 21, 2026· Updated Jan 22, 2026
Tenda D151 & D301 - Configuration Download
CVE-2021-47802
Description
Tenda D151 and D301 routers contain an unauthenticated configuration download vulnerability that allows remote attackers to retrieve router configuration files. Attackers can send a request to /goform/getimage endpoint to download configuration data including admin credentials without authentication.
Affected products
3- Shenzhen Tenda Technology Co.,Ltd./Tenda D151 & D301v5Range: -
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- www.exploit-db.com/exploits/49782mitreexploit
- www.vulncheck.com/advisories/tenda-d-d-configuration-downloadmitrethird-party-advisory
- www.tendacn.com/us/mitreproduct
News mentions
0No linked articles in our index yet.