Vulnerability in Shenzhen Tenda Technology Co., Ltd. W30e V2

CVE-2026-24440

Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) allow account passwords to be changed through the maintenance interface without requiring verification of the existing password. This enables unauthorized passw…

EPSS: 0.003 (18.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2026-24440?
CVE-2026-24440 is a high-severity vulnerability in Shenzhen Tenda Technology Co., Ltd. W30e V2, classified under CWE-620. CVSS score: 8.8/10. Published 2026-01-26.
How severe is CVE-2026-24440?
High severity. CVSS v3 base score is 8.8 out of 10.