PT-2026-4795 · Tenda · Tenda W30E
Kazuma Matsumoto
·
Published
2026-01-26
·
Updated
2026-01-26
·
CVE-2026-24440
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037)
Description
The firmware allows account passwords to be changed through the maintenance interface without verifying the existing password. This allows unauthorized password changes if an attacker gains access to the device.
Recommendations
Update to a firmware version newer than V16.01.0.19(5037).
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tenda W30E