Tenda W30E V2 Default Password Vulnerability in Management Interface

Vulnerability

A vulnerability exists in the Tenda W30E V2 router, specifically in firmware versions up to and including V16.01.0.19(5037). The issue arises from a hardcoded default password for a built-in authentication account, which is not required to be changed during the initial setup. This oversight allows attackers to use the default credentials to gain authenticated access to the router's management interface.

Impact

Exploitation of this vulnerability allows for unauthorized authenticated access to the router's management interface, potentially leading to further configuration changes or access to the network.

Added: Jan 26, 2026, 6:28 PM

Updated: Jan 26, 2026, 6:28 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

6.3

remediation

0.0

relevance

2.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

6.3

remediation

0.0

relevance

2.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda W30E V2 Default Password Vulnerability in Management Interface

Vulnerability

Impact

Affected Products

Shenzhen Tenda W30E V2

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating