VYPR
Unrated severityNVD Advisory· Published Jan 26, 2026· Updated Mar 5, 2026

Tenda W30E V2 HTTP Responses Expose Plaintext Credentials

CVE-2026-24430

Description

Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) disclose sensitive account credentials in cleartext within HTTP responses generated by the maintenance interface. Because the management interface is accessible over unencrypted HTTP by default, credentials may be exposed to network-based interception.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.