CVE-2026-6024

HIGH CVSS 7.3 View on NVD ↗

Description

A vulnerability was determined in Tenda i6 1.0.0.7(2204). Affected by this issue is the function R7WebsSecurityHandlerfunction of the component HTTP Handler. This manipulation causes path traversal. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

References

https://github.com/Litengzheng/vuldb_new/blob/main/M3/vul_84/README.md
https://vuldb.com/submit/791826
https://vuldb.com/vuln/356600
https://vuldb.com/vuln/356600/cti
https://www.tenda.com.cn/

Published: Apr 10, 2026 06:16 UTC Modified: Apr 10, 2026 06:16 UTC