CVE-2026-24436
BaseFortify
Publication date: 2026-01-26
Last updated on: 2026-01-28
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | w30e_firmware | to 16.01.0.19\(5037\) (inc) |
| tenda | w30e | 2.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-307 | The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Shenzhen Tenda W30E V2 router firmware versions up to V16.01.0.19(5037). It is caused by the lack of rate limiting or account lockout mechanisms on authentication endpoints, allowing attackers to perform unlimited brute-force attacks against administrative credentials. This means attackers can repeatedly try to guess the admin password without any restriction, potentially gaining unauthorized access. [1]
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized initial access to the router by allowing attackers to brute-force administrative credentials without limitation. This can compromise the confidentiality, integrity, and availability of the device and the network it manages, potentially allowing attackers to control the router, intercept or manipulate network traffic, and disrupt services. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring authentication attempts to the Shenzhen Tenda W30E V2 router for an unusually high number of failed login attempts without any account lockout or rate limiting. Network administrators can use network traffic analysis tools or log inspection to identify repeated authentication requests to the router's administrative interface. Specific commands depend on the environment, but for example, using tools like tcpdump or Wireshark to capture traffic on the router's management port and filtering for repeated login attempts could help. Additionally, checking router logs for repeated failed authentication attempts can indicate exploitation attempts. However, no specific commands are provided in the available resources. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting network access to the router's administrative interface to trusted IP addresses only, implementing external protections such as firewall rules or VPN access to limit exposure, and monitoring for brute-force attempts. Since the firmware lacks built-in rate limiting or account lockout, applying firmware updates if available or contacting the vendor for patches is recommended. If no patch is available, consider replacing the device or disabling remote administration to reduce risk. [1]