CVE-2026-24428
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2026-01-26

Last updated on: 2026-01-29

Assigner: VulnCheck

Description
Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) contain an authorization flaw in the user management API that allows a low-privileged authenticated user to change the administrator account password. By sending a crafted request directly to the backend endpoint, an attacker can bypass role-based restrictions enforced by the web interface and obtain full administrative privileges.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-26
Last Modified
2026-01-29
Generated
2026-06-16
AI Q&A
2026-01-26
EPSS Evaluated
2026-06-14
NVD
CVE-2026-24428
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
tenda w30e_firmware to 16.01.0.19\(5037\) (inc)
tenda w30e 2.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-863 The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an authorization flaw in the Shenzhen Tenda W30E V2 router firmware (up to version V16.01.0.19). It allows a low-privileged authenticated user to change the administrator account password by sending a specially crafted request directly to the backend API endpoint. This bypasses the role-based access controls normally enforced by the web interface, enabling the attacker to gain full administrative privileges on the device. [1]

Impact Analysis

Exploiting this vulnerability allows an attacker with low-level access to escalate their privileges to full administrator on the affected router. This means the attacker can control the device, change settings, potentially intercept or manipulate network traffic, and compromise the security and integrity of the network connected to the router. [1]

Detection Guidance

Detection involves monitoring for unauthorized or suspicious requests to the backend user management API endpoint that allow password changes by low-privileged users. Since the vulnerability is exploited by sending specially crafted requests to the backend, network traffic inspection tools like Wireshark or tcpdump can be used to capture HTTP requests to the router's management interface. Additionally, using curl or similar tools to test if a low-privileged user can change the administrator password by sending crafted requests to the backend endpoint can help confirm the vulnerability. Specific commands are not provided in the resources. [1]

Mitigation Strategies

Immediate mitigation steps include restricting access to the router's management interface to trusted users only, disabling remote management if enabled, and monitoring for suspicious activity. Since the vulnerability allows low-privileged authenticated users to escalate privileges, ensure that only trusted users have any access to the device. Applying firmware updates from the vendor that fix this authorization flaw is recommended once available. No specific mitigation commands or patches are detailed in the provided resources. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-24428. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart