Vulnerability-Lookup

CNVD-2026-11735

Vulnerability from cnvd - Published: 2026-02-24

Title

Tenda W30E信息泄露漏洞

Description

Tenda W30E是中国腾达（Tenda）公司的一款路由器。 Tenda W30E存在信息泄露漏洞，攻击者可利用该漏洞导致凭据泄露。

Severity

中

Formal description

厂商尚未提供漏洞修复方案，请关注厂商主页更新： https://www.tendacn.com/product/W30E

Reference

https://nvd.nist.gov/vuln/detail/CVE-2026-24431

Impacted products

Name
Tenda W30E <=V16.01.0.19(5037)

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2026-24431",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2026-24431"
    }
  },
  "description": "Tenda W30E\u662f\u4e2d\u56fd\u817e\u8fbe\uff08Tenda\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u8def\u7531\u5668\u3002\n\nTenda W30E\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u51ed\u636e\u6cc4\u9732\u3002",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://www.tendacn.com/product/W30E",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2026-11735",
  "openTime": "2026-02-24",
  "products": {
    "product": "Tenda W30E \u003c=V16.01.0.19(5037)"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2026-24431",
  "serverity": "\u4e2d",
  "submitTime": "2026-01-30",
  "title": "Tenda W30E\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}

CVE-2026-24431 (GCVE-0-2026-24431)

Vulnerability from cvelistv5 – Published: 2026-01-26 17:40 – Updated: 2026-01-26 21:07

Title

Tenda W30E V2 Web UI Reveals Passwords in Cleartext

Summary

Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) display stored user account passwords in plaintext within the administrative web interface. Any user with access to the affected management pages can directly view credentials.

Severity ?

7.1 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

CWE

CWE-317 - Cleartext Storage of Sensitive Information in GUI

Assigner

VulnCheck

References

URL

Tags

	https://www.tendacn.com/product/W30E	product
	https://www.vulncheck.com/advisories/tenda-w30e-v…	third-party-advisory

Impacted products

	Vendor	Product	Version
	Shenzhen Tenda Technology Co., Ltd.	W30E V2	Affected: 0 , ≤ 16.01.0.19(5037) (semver)

Credits

Kazuma Matsumoto, a security researcher at GMO Cybersecurity by IERAE, Inc.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-24431",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-26T21:07:29.419546Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-26T21:07:38.744Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "W30E V2",
          "vendor": "Shenzhen Tenda Technology Co., Ltd.",
          "versions": [
            {
              "lessThanOrEqual": "16.01.0.19(5037)",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Kazuma Matsumoto, a security researcher at GMO Cybersecurity by IERAE, Inc."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) display stored user account passwords in plaintext within the administrative web interface. Any user with access to the affected management pages can directly view credentials."
            }
          ],
          "value": "Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) display stored user account passwords in plaintext within the administrative web interface. Any user with access to the affected management pages can directly view credentials."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-317",
              "description": "CWE-317 Cleartext Storage of Sensitive Information in GUI",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-26T17:40:41.464Z",
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck"
      },
      "references": [
        {
          "tags": [
            "product"
          ],
          "url": "https://www.tendacn.com/product/W30E"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.vulncheck.com/advisories/tenda-w30e-v2-missing-csrf-protections-for-administrative-actions"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Tenda W30E V2 Web UI Reveals Passwords in Cleartext",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "cveId": "CVE-2026-24431",
    "datePublished": "2026-01-26T17:40:41.464Z",
    "dateReserved": "2026-01-22T20:23:19.803Z",
    "dateUpdated": "2026-01-26T21:07:38.744Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2026-11735

CVE-2026-24431 (GCVE-0-2026-24431)

Tags

Sightings

Nomenclature