CVE-2026-27511 – Tenda F3 Clickjacking in Web Management Interface

CVE ID : CVE-2026-27511

Published : Feb. 23, 2026, 5:23 p.m. | 1 hour, 42 minutes ago

Description : Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a clickjacking vulnerability in the web-based administrative interface. The interface does not set the X-Frame-Options header, allowing attacker-controlled sites to embed administrative pages in an iframe and trick an authenticated administrator into unintended interactions that may result in unauthorized configuration changes.

Severity: 5.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…