CNNVD-202601-4356 Information

CNNVD ID

CNNVD-202601-4356

Related CVE

CVE-2026-24428

• CNNVD Published: 2026-01-26

Description (Chinese)

Tenda W30E是中国腾达（Tenda）公司的一款路由器。 Tenda W30E V2 V16.01.0.19(5037)及之前版本存在安全漏洞，该漏洞源于用户管理API存在授权缺陷，可能导致低权限认证用户更改管理员账户密码。

Description (English)

Tenda W30E is a router for Tenda China. There is a security loophole in Tenda W30E V2 V16.01.19 (5037) and earlier versions, which stems from the authorized deficiencies in the user management API, which may result in a change in the administrator ’ s account password by the user with low permission.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

腾达

Published

2026-01-26

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/tenda-w30e-v2-incorrect-authorization-allows-administrator-password-change https://www.tendacn.com/product/W30E https://access.redhat.com/security/cve/cve-2026-24428