Security Advisory

CVE-2026-24107

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-02 00:00:00
Last updated 2026-03-03 01:48:20
Assigner mitre
State PUBLISHED

Description

An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Failure to validate the value of `usbPartitionName`, which is directly used in `doSystemCmd`, may lead to critical command injection vulnerabilities.