CVE-2026-24435
BaseFortify
Publication date: 2026-01-26
Last updated on: 2026-02-02
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | w30e_firmware | to 16.01.0.19\(5037\) (inc) |
| tenda | w30e | 2.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-942 | The product uses a web-client protection mechanism such as a Content Security Policy (CSP) or cross-domain policy file, but the policy includes untrusted domains with which the web client is allowed to communicate. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows unauthorized access to sensitive administrative data via cross-origin requests due to an insecure CORS policy. This exposure of sensitive data could lead to non-compliance with data protection regulations such as GDPR and HIPAA, which require strict controls to protect personal and sensitive information from unauthorized access. [1]
Can you explain this vulnerability to me?
This vulnerability exists in the Tenda W30E V2 router firmware up to version V16.01.0.19(5037). It is caused by an insecure Cross-Origin Resource Sharing (CORS) policy on authenticated administrative endpoints. The device sets the HTTP header Access-Control-Allow-Origin to '*' (allowing all origins) while also setting Access-Control-Allow-Credentials to 'true'. This combination allows attacker-controlled websites to make credentialed cross-origin requests to the router, potentially accessing sensitive administrative data without authorization. [1]
How can this vulnerability impact me? :
An attacker can exploit this vulnerability remotely without any privileges or user interaction by crafting malicious websites that perform credentialed cross-origin requests to the router's administrative endpoints. This can lead to unauthorized access to sensitive administrative data, potentially compromising the security and control of the affected device and network. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by inspecting the HTTP headers of the administrative endpoints on the Tenda W30E V2 router. Specifically, check if the response headers include `Access-Control-Allow-Origin: *` together with `Access-Control-Allow-Credentials: true`. A simple way to do this is by using curl commands to send requests to the router's admin interface and observe the headers. For example: `curl -I http://<router-ip>/admin` and look for the mentioned headers in the response. If these headers are present as described, the device is vulnerable. [1]