jsjbcyber/repo

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2026-38834 ↗	Apr 21, 2026Tuesday, 21 April 2026, 17:16	7.3 HIGH	—
Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the do_ping_action function via the hostName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVE-2026-38835 ↗	Apr 21, 2026Tuesday, 21 April 2026, 17:16	9.8 CRITICAL	—
Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the formSetUSBPartitionUmount function via the usbPartitionName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.