{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-24429", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-01-22T20:23:19.802Z", "datePublished": "2026-01-26T17:39:02.845Z", "dateUpdated": "2026-05-14T02:09:31.751Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unknown", "product": "W30E V2", "vendor": "Shenzhen Tenda Technology Co., Ltd.", "versions": [{"lessThanOrEqual": "16.01.0.19(5037)", "status": "affected", "version": "0", "versionType": "custom"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:tenda:w30e_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "16.01.0.19(5037)"}]}]}], "credits": [{"lang": "en", "type": "finder", "value": "Kazuma Matsumoto, a security researcher at GMO Cybersecurity by IERAE, Inc."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) ship with a predefined default password for a built-in authentication account that is not required to be changed during initial configuration. An attacker can leverage these default credentials to gain authenticated access to the management interface."}], "value": "Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) ship with a predefined default password for a built-in authentication account that is not required to be changed during initial configuration. An attacker can leverage these default credentials to gain authenticated access to the management interface."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-1393", "description": "CWE-1393: Use of Default Password", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-05-14T02:09:31.751Z"}, "references": [{"tags": ["product"], "url": "https://www.tendacn.com/product/W30E"}, {"tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/tenda-w30e-v2-hardcoded-default-password-for-built-in-account"}], "source": {"discovery": "UNKNOWN"}, "title": "Tenda W30E V2 Hardcoded Default Password for Built-in Account", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-26T18:56:51.732752Z", "id": "CVE-2026-24429", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-26T18:57:30.228Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-24429", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-01-26T18:56:51.732752Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-26T18:57:07.554Z"}}], "cna": {"title": "Tenda W30E V2 Hardcoded Default Password for Built-in Account", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Kazuma Matsumoto, a security researcher at GMO Cybersecurity by IERAE, Inc."}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Shenzhen Tenda Technology Co., Ltd.", "product": "W30E V2", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "16.01.0.19(5037)"}], "defaultStatus": "unknown"}], "references": [{"url": "https://www.tendacn.com/product/W30E", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/tenda-w30e-v2-hardcoded-default-password-for-built-in-account", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) ship with a predefined default password for a built-in authentication account that is not required to be changed during initial configuration. An attacker can leverage these default credentials to gain authenticated access to the management interface.", "supportingMedia": [{"type": "text/html", "value": "Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) ship with a predefined default password for a built-in authentication account that is not required to be changed during initial configuration. An attacker can leverage these default credentials to gain authenticated access to the management interface.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1393", "description": "CWE-1393: Use of Default Password"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tenda:w30e_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "16.01.0.19(5037)"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-05-14T02:09:31.751Z"}}}, "cveMetadata": {"cveId": "CVE-2026-24429", "state": "PUBLISHED", "dateUpdated": "2026-05-14T02:09:31.751Z", "dateReserved": "2026-01-22T20:23:19.802Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-01-26T17:39:02.845Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:tenda:w30e_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4DB07B19-71FC-4936-98BD-36A8B3B7CBF0", "versionEndIncluding": "16.01.0.19\\(5037\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:tenda:w30e:-:*:*:*:*:*:*:*", "matchCriteriaId": "02FBE634-0D3F-4439-B4A6-F427C82967C7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) ship with a predefined default password for a built-in authentication account that is not required to be changed during initial configuration. An attacker can leverage these default credentials to gain authenticated access to the management interface."}], "id": "CVE-2026-24429", "lastModified": "2026-01-29T13:01:22.300", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-01-26T18:16:40.267", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Product"], "url": "https://www.tendacn.com/product/W30E"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.vulncheck.com/advisories/tenda-w30e-v2-hardcoded-default-password-for-built-in-account"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1393"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-16T17:42:03.611638+00:00", "value": {"mitigation_remediation": ["Log in using the default credentials for the built\u2011in account and immediately change the password to a strong, unique account password.", "Upgrade the router to the latest firmware version released by Shenzhen Tenda that removes or requires password change for the built\u2011in account.", "If an up\u2011to\u2011date firmware is unavailable, disable the built\u2011in account entirely or restrict the management interface to trusted local IP addresses and block remote management ports from the internet."], "summary": {"action": "Immediate Patch", "impact": "Authenticated Access to Management Interface"}, "threat_synthesis": {"affected_systems": "The affected device is the Shenzhen Tenda Technology Co., Ltd. W30E V2 router. Firmware versions up to and including V16.01.0.19(5037) contain the hardcoded default password. No other manufacturers or product lines are listed as affected.", "description_and_impact": "The vulnerability arises from the Tenda W30E V2 firmware embedding a hardcoded default password for a built\u2011in authentication account that is not required to be changed during initial configuration. This flaw allows an attacker to log in with the supplied default credentials, thereby gaining authenticated access to the router's management interface. The impact is classic credential misuse, enabling an attacker to alter device settings, monitor traffic, or use the device as part of a larger attack chain. This weakness maps to CWE-1393, identifying it as a hardcoded or default credential issue.", "risk_and_exploitability": "The CVSS v3.1 score of 9.3 indicates critical severity. Despite the extremely low EPSS (<1%), the threat remains high because an attacker only needs to know or guess a single known credential pair to gain privileged access. The likely attack vector is remote access to the router's web\u2011based management interface over the LAN or WAN, which many home and small\u2011office networks expose. Because this shortcut removes the need for credential discovery or exploitation of other software, remediation is crucial even if actual exploitation probabilities are low."}}}}, "created": "2026-01-27T20:17:36.720504+00:00", "updated": "2026-04-16T17:45:27.381240+00:00", "vendors": ["tenda", "tenda$PRODUCT$w30e"]}