ГлавнаяУязвимости → CVE-2026-24436
9.8критическая

CVE-2026-24436

Описание

Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) do not enforce rate limiting or account lockout mechanisms on authentication endpoints. This allows attackers to perform unrestricted brute-force attempts against administrative credentials.

Затрагиваемое ПО
Tenda W30e firmwareTenda W30e
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.tendacn.com/product/W30Ehttps://www.vulncheck.com/advisories/tenda-w30e-v2-lacks-rate-limiting-on-authentication