CVE-2026-24428 | Tenda W30E V2 up to 16.01.0.19(5037) User Management API authorization

Inserito da Angelo Barbosa | Gen 27, 2026 | CVE

A vulnerability was found in Tenda W30E V2 up to 16.01.0.19(5037) and classified as very critical. Affected by this vulnerability is an unknown functionality of the component User Management API. Executing a manipulation can lead to incorrect authorization.

This vulnerability is tracked as CVE-2026-24428. The attack can be launched remotely. No exploit exists.

CVE-2026-24428 | Tenda W30E V2 up to 16.01.0.19(5037) User Management API authorization

Post correlati

CVE-2024-37769 | 14Finger 1.1 POST Request permission (Issue 12)

CVE-2023-4604 | 2J Slideshow, Image Slider Plugin up to 1.3.54 on WordPress post cross site scripting

CVE-2024-42388 | Cesanta Mongoose Web Server up to 7.14 TLS Packet out-of-range pointer offset

CVE-2024-47941 | Siemens Solid Edge SE2024 up to 224.0 Update 8 PAR File out-of-bounds (ssa-351178)