Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-01-01	CVE-2020-35391	Forced Browsing vulnerability in Tenda F3 Firmware 12.01.01.48 Tenda N300 F3 12.01.01.48 devices allow remote attackers to obtain sensitive information (possibly including an http_passwd line) via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg, a related issue to CVE-2017-14942. low complexity tenda CWE-425	6.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.