VYPR
Unrated severityNVD Advisory· Published Jan 26, 2026· Updated Mar 5, 2026

Tenda W30E V2 Lacks Rate Limiting on Authentication

CVE-2026-24436

Description

Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) do not enforce rate limiting or account lockout mechanisms on authentication endpoints. This allows attackers to perform unrestricted brute-force attempts against administrative credentials.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Tenda/W30E V2llm-create2 versions
    <=V16.01.0.19(5037)+ 1 more
    • (no CPE)range: <=V16.01.0.19(5037)
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.