CVE-2026-27511
Clickjacking Vulnerability in Tenda F3 Router Admin Interface
Publication date: 2026-02-23
Last updated on: 2026-02-23
Assigner: VulnCheck
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | f3_firmware | up to and including 12.01.01.55_multi |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1021 | The web application does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead to user confusion about which interface the user is interacting with. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-27511 is a clickjacking vulnerability in the Shenzhen Tenda F3 Wireless Router firmware, version 12.01.01.55_multi. The router's web-based administrative interface does not set the X-Frame-Options HTTP header, so it never tells a browser to refuse to render it inside a frame.

Without that header, an attacker-controlled website can embed the router's administrative pages in an iframe (typically made transparent and laid over decoy content) and trick an administrator who is logged in to the router into clicking hidden or disguised elements. The attacker's site does not need to reach the router itself: the victim's browser, which sits on the router's LAN and holds the admin session, issues the framed requests.

The result is unauthorized configuration changes on the router. [2]
How can this vulnerability impact me?
This vulnerability allows an attacker to manipulate the router's settings without your knowledge or consent.

If an authenticated administrator is tricked into interacting with a malicious site that embeds the router's admin interface, unauthorized configuration changes may be made.

Such changes could compromise the security or functionality of your network, potentially exposing it to further attacks or disruptions. [2]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The vulnerability can be confirmed by checking whether the web-based administrative interface of a Tenda F3 running firmware 12.01.01.55_multi sends the X-Frame-Options HTTP header.

Send an HTTP request to the router's administrative interface and inspect the response headers. Use a GET rather than a HEAD request, because some embedded web servers do not implement HEAD or answer it without the real headers; curl's -D - prints the received headers while -o /dev/null discards the body:

curl -s -D - -o /dev/null http://[router-ip-address]/

If neither an X-Frame-Options header (DENY or SAMEORIGIN) nor a Content-Security-Policy header with a frame-ancestors directive appears in the response, the page can be framed by any site and is exposed to clickjacking. Check the pages that carry the actual configuration forms, not only the login page, since the header must be present on every page an attacker could frame. [2]
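The check described above, as an added example that is not code from the original page or from Tenda: it parses a raw HTTP response, reports which header (if any) governs framing, and decides whether an arbitrary cross-site page could frame the admin interface. The sample responses are constructed here (a no-header response matching the advisory's description of the vulnerable firmware, and the header set a fixed build should send); fetch_raw_headers is a helper for live use against a router you own and is not invoked on import.

```python
"""Decide whether an HTTP response permits cross-site framing (the clickjacking
precondition behind CVE-2026-27511)."""
from __future__ import annotations

from urllib.error import HTTPError
from urllib.request import Request, urlopen


def build_response(extra_headers: dict[str, str]) -> bytes:
    """Constructed sample response (not captured from a real Tenda F3)."""
    lines = ["HTTP/1.1 200 OK", "Server: httpd", "Content-Type: text/html"]
    lines += [f"{k}: {v}" for k, v in extra_headers.items()]
    return ("\r\n".join(lines) + "\r\n\r\n<html><body>admin</body></html>").encode()


# Vulnerable: no framing header at all, as the advisory describes.
VULNERABLE = build_response({})
# What a fixed build should send: both headers, for old and new browsers.
FIXED = build_response({"X-Frame-Options": "DENY",
                        "Content-Security-Policy": "frame-ancestors 'none'"})


def parse_headers(raw: bytes) -> dict[str, list[str]]:
    """Parse the header block of a raw HTTP/1.x response into lowercase name -> values."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    headers: dict[str, list[str]] = {}
    for line in head.split("\r\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers


def frame_ancestors(policies: list[str]) -> list[str] | None:
    """Return the frame-ancestors source list from CSP headers, or None if absent."""
    for policy in policies:
        for directive in policy.split(";"):
            tokens = directive.split()
            if tokens and tokens[0].lower() == "frame-ancestors":
                # An empty source list matches nothing, i.e. behaves like 'none'.
                return [t.lower() for t in tokens[1:]] or ["'none'"]
    return None


def assess_framing(raw: bytes) -> dict:
    """Report the effective framing control and whether any site can frame the page."""
    headers = parse_headers(raw)
    xfo = [v.upper() for v in headers.get("x-frame-options", [])]
    ancestors = frame_ancestors(headers.get("content-security-policy", []))

    # ALLOW-FROM is obsolete and ignored by current browsers, so only DENY and
    # SAMEORIGIN count as protection.
    xfo_protects = any(v in ("DENY", "SAMEORIGIN") for v in xfo)

    if ancestors is not None:
        # When frame-ancestors is present, browsers apply it and ignore
        # X-Frame-Options. A wildcard or bare scheme source ("https:") allows any site.
        csp_protects = not any(t == "*" or (t.endswith(":") and "/" not in t)
                               for t in ancestors)
        protected, source = csp_protects, "content-security-policy"
    else:
        protected, source = xfo_protects, ("x-frame-options" if xfo else None)

    return {
        "x_frame_options": xfo,
        "frame_ancestors": ancestors,
        "effective_control": source,
        "cross_site_framable": not protected,
    }


def fetch_raw_headers(url: str, timeout: float = 5.0) -> bytes:
    """GET the page and rebuild its header block for assess_framing(). GET rather
    than HEAD: some embedded web servers mishandle HEAD."""
    req = Request(url, headers={"User-Agent": "framing-check/1.0"})
    try:
        with urlopen(req, timeout=timeout) as resp:
            status, reason, items = resp.status, resp.reason, resp.getheaders()
    except HTTPError as err:
        # A login challenge (401/403) still shows which framing headers are set.
        status, reason, items = err.code, err.reason, list(err.headers.items())
    head = f"HTTP/1.1 {status} {reason}\r\n" + "".join(f"{k}: {v}\r\n" for k, v in items)
    return (head + "\r\n").encode("latin-1")


if __name__ == "__main__":
    import sys

    # Usage: python framing_check.py http://192.168.0.1/  (defaults to the sample)
    raw = fetch_raw_headers(sys.argv[1]) if len(sys.argv) > 1 else VULNERABLE
    print(assess_framing(raw))
```

Run it against each page that carries a configuration form, not just the root URL: urlopen follows redirects, so a bare request may land on the login page, whose headers say nothing about the pages an attacker would actually frame.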
What immediate steps should I take to mitigate this vulnerability?
Restrict access to the router's administrative interface to trusted networks and users. Note that this limits exposure rather than removing it: in a clickjacking attack the framed requests come from the administrator's own browser on the LAN, not from the attacker's server, so a LAN-only interface can still be targeted through an administrator who browses the web while logged in.

Avoid visiting untrusted or suspicious websites while logged in to the router's administrative interface, and log out explicitly when you are done, since the attack only works while an authenticated session exists in the browser.

Update the router firmware to a version that addresses this vulnerability, or contact the vendor for patches or configuration recommendations. [2]