Security Advisory

CVE-2026-38834

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-21 00:00:00

Last updated 2026-04-21 19:23:17

Assigner mitre

State PUBLISHED

Description

Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the do_ping_action function via the hostName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

← Browse all CVEs View on cve.org ↗