CVE-2021-47802
BaseFortify
Publication date: 2026-01-21
Last updated on: 2026-02-02
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | d151_firmware | * |
| tenda | d151 | * |
| tenda | d301_firmware | * |
| tenda | d301 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects Tenda D151 and D301 routers, allowing unauthenticated remote attackers to download the router's configuration file by sending a request to the /goform/getimage endpoint. The configuration file contains sensitive information such as admin credentials, which are base64-encoded and can be decoded. Additionally, attackers can activate the Telnet service remotely via the /goform/telnet endpoint, potentially enabling further unauthorized access. The configuration data is compressed with a custom LZW-like scheme, but an exploit script can decompress and extract the sensitive information without authentication. [1]
How can this vulnerability impact me? :
This vulnerability can have severe impacts as it allows attackers to remotely obtain the router's admin credentials without any authentication, leading to unauthorized control over the device. Attackers can also enable the Telnet service remotely, which may allow them to execute commands or further compromise the network. This can result in loss of network confidentiality, unauthorized configuration changes, and potential network takeover. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by sending an unauthenticated HTTP GET request to the endpoint /goform/getimage on the router's IP address. For example, using curl: curl http://<router-ip>/goform/getimage If the router responds with a compressed configuration file, it indicates the vulnerability is present. Additionally, checking if the Telnet service can be activated remotely by requesting /goform/telnet can also indicate exploitation. The retrieved configuration file can be decoded using a custom decompression script as described in the exploit details. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability allows unauthenticated remote attackers to download router configuration files containing sensitive information such as admin credentials. Exposure of such sensitive data can lead to unauthorized access and potential data breaches, which may violate data protection requirements under standards like GDPR and HIPAA. Therefore, this vulnerability negatively impacts compliance by increasing the risk of unauthorized data disclosure and access. [1]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability immediately, you should: 1) Restrict remote access to the router's management interface to trusted networks only, preventing external access to the /goform/getimage and /goform/telnet endpoints. 2) Disable or block access to the Telnet service if it is enabled or can be activated remotely. 3) Change the router's admin credentials after ensuring the device is secure. 4) Monitor network traffic for suspicious requests targeting the vulnerable endpoints. 5) Check for and apply any firmware updates or patches provided by the vendor to fix this vulnerability. If no patch is available, consider replacing the device or isolating it from untrusted networks until a fix is applied. [1]