CVE-2026-24107 POC (Proof-of-Concept)

An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Failure to validate the value of `usbPartitionName`, which is directly used in `doSystemCmd`, may lead to critical command injection vulnerabilities.

Published: 2026-03-02

CVSS: 9.8

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Download CVE-2026-24107 POC (Proof-of-Concept) here:

http://zeroday5ujpidshxn6zbfitgjltnm6ynx5pvtpmptj3lsq46b6vvrpqd.onion/exploit-for-cve-2026-24107.768/

Tip: Download official Tor Browser at https://www.torproject.org/download/ to access .onion links.

Check our portfolio:

http://zeroday5ujpidshxn6zbfitgjltnm6ynx5pvtpmptj3lsq46b6vvrpqd.onion/members/ccsfteam.254/

https://dnacompany.com/poc-318-cve-2026-26273/

https://dnacompany.com/poc-780-cve-2025-30042/

https://dnacompany.com/poc-762-cve-2026-3376/

https://dnacompany.com/poc-375-cve-2026-2686/

https://dnacompany.com/poc-525-cve-2026-2981/

Social media

Our Services

Contact us

Earthcrate