CVE-2026-30402 - Vulnerability Analysis
CriticalCVSS: 9.8Last Updated: March 20, 2026
wgcloud - Remote Code Execution
Published: March 19, 2026Updated: March 20, 2026Remote Exploitable
Overview
wgcloud <= 2.3.7 contains a remote code execution caused by improper handling in the test connection function, letting remote attackers execute arbitrary code, exploit requires network access.
Severity & Score
Severity: Critical
CVSS Score: 9.8
EPSS Score: 28.7%(Probability of exploitation in next 30 days)
Impact
Remote attackers can execute arbitrary code, potentially leading to full system compromise.
Mitigation
Update to the latest version of wgcloud.
References
Social Media Activity(1 post)
TheHackerWire
@thehackerwire
š“ CVE-2026-30402 - Critical (9.8) An issue in wgcloud v.2.3.7 and before allows a remote attacker to execute arbitrary code via the test connection function š https://www.thehackerwire.com/vulnerability/CVE-2026-30402/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-30402
- Severity
- Critical
- CVSS Score
- 9.8
- Type
- undefined
- Status
- unconfirmed
- EPSS
- 28.7%
- Social Posts
- 1
CWE
- CWE-94
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
28.7%Probability of exploitation in the next 30 days