PT-2026-24098
An incorrect access control vulnerability exists in Tenda W15E V02.03.01.26 cn. An unauthenticated attacker can access the /cgi-bin/DownloadCfg/RouterCfm.jpg endpoint to download the configuration file containing plaintext administrator credentials, leading to sensitive information disclosure and...