CVE-2026-6024

Sažetak

A vulnerability was determined in Tenda i6 1.0.0.7(2204). Affected by this issue is the function R7WebsSecurityHandlerfunction of the component HTTP Handler. This manipulation causes path traversal. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.

Reference

https://github.com/Litengzheng/vuldb_new/blob/main/M3/vul_84/README.md
https://vuldb.com/submit/791826
https://vuldb.com/vuln/356600
https://vuldb.com/vuln/356600/cti
https://www.tenda.com.cn/

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

10-04-2026 - 06:16

Objavljeno

10-04-2026 - 06:16