CVE-2026-38834
Published
CVSS v3
7.3
HIGH
CVSS v2
N/A
Affected
1
PROJECT
Description
Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the do_ping_action function via the hostName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
GitHub