W20e Firmware
CVE-2026-24107
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Failure to validate the value of usbPartitionName, which is directly used in doSystemCmd, may lead to critical command injection vulnerabilities.
AnalysisAI
Tenda W20E router has a code injection vulnerability in usbPartitionName parameter allowing unauthenticated remote code execution with EPSS 1.1%.
Technical ContextAI
Tenda W20E V4.0br_V15.11.0.6 has a CWE-94 code injection in the usbPartitionName parameter of formsetUsbUnload. First of eight Tenda W20E vulnerabilities.
RemediationAI
Update firmware. All eight W20E vulnerabilities must be patched.
More in W20e Firmware
View allTenda W20E has a ninth buffer overflow in yet another CGI endpoint.
Tenda W20E has an eighth buffer overflow in addDhcpRules parameter.
Tenda W20E has a seventh buffer overflow in gstup parameter handling.
Tenda W20E has a sixth buffer overflow in pPortMapIndex parameter validation.
Tenda W20E has a fifth buffer overflow.
Tenda W20E has a fourth buffer overflow vulnerability.
Tenda W20E has a third buffer overflow in a different CGI parameter.
Tenda W20E has a buffer overflow — second of eight critical vulnerabilities in this router firmware.
Tenda W20E v15.11.0.6(US_W20EV4.0br_v15.11.0.6(1068_1546_841 is vulnerable to Buffer Overflow via function formSetSysTim
Tenda W20E v15.11.0.6 (US_W20EV4.0br_v15.11.0.6(1068_1546_841)_CN_TDC) is vulnerable to Buffer Overflow via function for
Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in
Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in
Same weakness CWE-94 – Code Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today