Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Tenda F3 Clickjacking in Web Management Interface
Vulnerability Description
Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a clickjacking vulnerability in the web-based administrative interface. The interface does not set the X-Frame-Options header, allowing attacker-controlled sites to embed administrative pages in an iframe and trick an authenticated administrator into unintended interactions that may result in unauthorized configuration changes.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Vulnerability Type
不当限制渲染UI层或帧
Vulnerability Title
Tenda F3 安全漏洞
Vulnerability Description
Tenda F3是中国腾达(Tenda)公司的一款无线路由器。 Tenda F3 V12.01.01.55_multi版本存在安全漏洞,该漏洞源于Web管理界面未设置X-Frame-Options标头,可能导致点击劫持攻击。
CVSS Information
N/A
Vulnerability Type
N/A