CNNVD-202601-4345 Information

CNNVD ID

CNNVD-202601-4345

Related CVE

CVE-2026-24440

• CNNVD Published: 2026-01-26

Description (Chinese)

Tenda W30E是中国腾达（Tenda）公司的一款路由器。 Tenda W30E V2 V16.01.0.19(5037)及之前版本存在安全漏洞，该漏洞源于维护接口允许在不验证现有密码的情况下更改账户密码，可能导致未经授权的密码更改。

Description (English)

Tenda W30E is a router for Tenda China. There is a security loophole in Tenda W30E V2 V16.01.0.19 (5037) and earlier versions, which stems from the maintenance interface that allows the account password to be changed without verifying existing passwords, which may result in unauthorized password changes.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

腾达

Published

2026-01-26

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/tenda-w30e-v2-allows-password-change-without-verifying-current-password https://www.tendacn.com/product/W30E https://access.redhat.com/security/cve/cve-2026-24440