CVE-2026-38835 in W30Einformation

Résumé

par MITRE • 21/04/2026

Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the formSetUSBPartitionUmount function via the usbPartitionName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

MITRE

Réserver

06/04/2026

Divulgation

21/04/2026

Modérer

accepté

Entrée

VDB-358533

CPE

prêt

CWE

CWE-77 (confirmé)

CVSS

6.3 (VulDB)

EPSS

0.01022

KEV

non

Activités

très faible

Secteur

Lawfirm, Hostingprovider, ...

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-38835
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-38835
CVE Details	https://www.cvedetails.com/cve/CVE-2026-38835/

◂ Précédent Aperçu Suivant ▸

Might our Artificial Intelligence support you?

Check our Alexa App!