CNNVD-202601-4354 Information

CNNVD ID

CNNVD-202601-4354

Related CVE

CVE-2026-24431

• CNNVD Published: 2026-01-26

Description (Chinese)

Tenda W30E是中国腾达（Tenda）公司的一款路由器。 Tenda W30E V2 V16.01.0.19(5037)及之前版本存在安全漏洞，该漏洞源于管理Web界面以明文显示用户密码，可能导致凭据泄露。

Description (English)

Tenda W30E is a router for Tenda China. There is a security loophole in Tenda W30E V2 V16.01.0.19 (5037) and earlier versions, which stems from the management of the Web interface to clearly display user passwords, which may lead to the disclosure of evidence.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

腾达

Published

2026-01-26

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/tenda-w30e-v2-missing-csrf-protections-for-administrative-actions https://www.tendacn.com/product/W30E https://access.redhat.com/security/cve/cve-2026-24431