CNNVD-202601-4351 Information

CNNVD ID

CNNVD-202601-4351

Related CVE

CVE-2026-24435

• CNNVD Published: 2026-01-26

Description (Chinese)

Tenda W30E是中国腾达（Tenda）公司的一款路由器。 Tenda W30E V2 V16.01.0.19(5037)及之前版本存在安全漏洞，该漏洞源于管理端点实施不安全的跨资源共享策略，可能导致攻击者发起跨域凭据请求。

Description (English)

Tenda W30E is a router for Tenda China. There is a security loophole in Tenda W30E V2 V16.01.19 (5037) and earlier versions, which stems from an unsafe cross-resource-sharing strategy at the management end, which may lead to cross-domain proof requests from the attackers.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

腾达

Published

2026-01-26

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/tenda-w30e-v2-permissive-cors-allows-cross-origin-data-access https://www.tendacn.com/product/W30E https://access.redhat.com/security/cve/cve-2026-24435