CVE-2026-24432
BaseFortify
Publication date: 2026-01-26
Last updated on: 2026-01-28
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | w30e_firmware | to 16.01.0.19\(5037\) (inc) |
| tenda | w30e | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Cross-Site Request Forgery (CSRF) issue in the Shenzhen Tenda W30E V2 router firmware up to version V16.01.0.19(5037). It occurs because administrative endpoints, including those used to change administrator account credentials, lack CSRF protections. An attacker can craft malicious requests that, when triggered by an authenticated user's browser, can change administrative passwords and other configuration settings without authorization. [1]
How can this vulnerability impact me? :
This vulnerability can allow an attacker to modify administrative passwords and configuration settings on the affected router without authorization. This could lead to unauthorized access or changes to the router's configuration, potentially compromising network security. However, the impact on confidentiality and availability is not significant, with a low integrity impact. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring for unauthorized or unexpected changes to administrative settings on the Tenda W30E V2 router, especially changes to administrator account credentials. Since the vulnerability is a CSRF issue affecting administrative endpoints, one approach is to inspect HTTP requests to the router's administrative interface for suspicious POST requests that change configuration without proper CSRF tokens. Network traffic capture tools like Wireshark or tcpdump can be used to analyze such requests. However, no specific detection commands or signatures are provided in the available resources. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the Tenda W30E V2 router firmware to a version later than V16.01.0.19(5037) where the CSRF protections are implemented. If an update is not available, restrict access to the router's administrative interface to trusted networks only, avoid using the router's web interface from untrusted devices, and educate users to avoid clicking on suspicious links while authenticated to the router. Additionally, consider resetting administrator credentials after applying mitigations to ensure no unauthorized changes persist. [1]