CVE-2026-5962

HIGH CVSS 7.3 View on NVD ↗

Description

A vulnerability was detected in Tenda CH22 1.0.0.6(468). This issue affects the function R7WebsSecurityHandlerfunction of the component httpd. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

References

https://github.com/Litengzheng/vuldb_new/blob/main/CH22/vul_55/README.md
https://vuldb.com/submit/791277
https://vuldb.com/vuln/356515
https://vuldb.com/vuln/356515/cti
https://www.tenda.com.cn/

Published: Apr 09, 2026 17:16 UTC Modified: Apr 09, 2026 17:16 UTC