Tenda W30E V2 Cache-Control Vulnerability Allowing Credential Exposure

Vulnerability

A vulnerability exists in the Tenda W30E V2 router, specifically in firmware versions up to and including V16.01.0.19(5037). The issue arises because sensitive administrative content is served without proper cache-control directives. This oversight can lead to browsers storing responses that contain credentials, which could then be accessed by unauthorized parties.

Impact

Exposing credential-bearing responses to unauthorized access.

Added: Jan 26, 2026, 6:22 PM

Updated: Jan 26, 2026, 6:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.7

exploitability

3.0

remediation

0.0

relevance

2.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.7

exploitability

3.0

remediation

0.0

relevance

2.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda W30E V2 Cache-Control Vulnerability Allowing Credential Exposure

Vulnerability

Impact

Affected Products

Shenzhen Tenda W30E V2

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating