CVE-2026-24428

HIGH

Shenzhen Tenda W30E V2 <16.01.0.19(5037) - Privilege Escalation

Title source: llm

Description

Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) contain an authorization flaw in the user management API that allows a low-privileged authenticated user to change the administrator account password. By sending a crafted request directly to the backend endpoint, an attacker can bypass role-based restrictions enforced by the web interface and obtain full administrative privileges.

References (2)

Core 2

Core References

Product product

https://www.tendacn.com/product/W30E

Third Party Advisory third-party-advisory

https://www.vulncheck.com/advisories/tenda-w30e-v2-incorrect-authorization-allows-administrator-password-change

Scores

CVSS v3 8.8

EPSS 0.0006

EPSS Percentile 17.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-863

Status published

Products (2)

Shenzhen Tenda Technology Co., Ltd./W30E V2 < 16.01.0.19(5037)

tenda/w30e_firmware < 16.01.0.19\(5037\)

Published Jan 26, 2026

Tracked Since Feb 18, 2026