Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-24439

Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) fail to include the X-Content-Type-Options: nosniff response header on web management interfaces. As a result, browsers that perform MIME sniffing may incorrectly interpret attacker-influenced responses as executable script.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.7%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2026-24439
  • Tenda » W30e » Version: 2.0
    cpe:2.3:h:tenda:w30e:2.0
  • Tenda » W30e Firmware » Version: 1.0.0.4(510)
    cpe:2.3:o:tenda:w30e_firmware:1.0.0.4(510)
  • Tenda » W30e Firmware » Version: 1.0.1.25
    cpe:2.3:o:tenda:w30e_firmware:1.0.1.25
  • Tenda » W30e Firmware » Version: 1.0.1.25(633)
    cpe:2.3:o:tenda:w30e_firmware:1.0.1.25(633)
  • Tenda » W30e Firmware » Version: 16.01.0.12(4843)
    cpe:2.3:o:tenda:w30e_firmware:16.01.0.12(4843)
  • Tenda » W30e Firmware » Version: 16.01.0.19(5037)
    cpe:2.3:o:tenda:w30e_firmware:16.01.0.19(5037)
  • Tenda » W30e Firmware » Version: 16.01.0.8
    cpe:2.3:o:tenda:w30e_firmware:16.01.0.8


Products
Pricing
Contact Us

Shodan ® - All rights reserved