High severity7.3NVD Advisory· Published Apr 21, 2026· Updated Apr 27, 2026
CVE-2026-38834
CVE-2026-38834
Description
Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the do_ping_action function via the hostName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:o:tenda:w30e_firmware:16.01.0.21:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
1- github.com/jsjbcyber/repo/blob/main/rep_1.mdnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.