CVE-2021-47802

HIGH

Tenda D151 and D301 Firmware - Unauthenticated Configuration Download via getimage Endpoint

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-47802. PoCs published by BenChaliah.

AI-analyzed exploit summary: This exploit targets Tenda D151 and D301 routers to download the configuration file unauthenticated via /goform/getimage, extracting admin credentials. It uses a custom CMS decoding algorithm to parse the compressed configuration data.

Description

Tenda D151 and D301 routers contain an unauthenticated configuration download vulnerability that allows remote attackers to retrieve router configuration files. Attackers can send a request to the /goform/getimage endpoint to download configuration data, including admin credentials, without authentication.

Exploits (1)

exploitdb · WORKING POC
by BenChaliah · python · remote · hardware
https://www.exploit-db.com/exploits/49782

Classification: Working PoC 95%
Attack Type: Info Leak
Complexity: Moderate
Reliability: Reliable
Target: Tenda D151 V2.0 50.21.1.5_EN, D301 1.2.11.2_EN, D301 V2.0 50.22.1.8_EN
No auth needed
Prerequisites: Network access to the target router · Router must be vulnerable (specific versions)
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3: 7.5
EPSS: 0.0061
EPSS Percentile: 44.6%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: yes
Technical Impact: partial

Details

CWE: CWE-306
Status: published
Products (2): tenda/d151_firmware, tenda/d301_firmware
Published: Jan 21, 2026
Tracked Since: Feb 18, 2026