Tenda CH22 httpd R7WebsSecurityHandlerfunction path traversal_CVE-2026-5962

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was detected in Tenda CH22 1.0.0.6(468). This issue affects the function R7WebsSecurityHandlerfunction of the component httpd. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used.

Basic Information

ID CVE-2026-5962

Source VulDB

Published Apr 9, 2026 at 16:30

Modified Apr 9, 2026 at 19:01

Affected Product

Vendor Tenda

Product CH22

Version 1.0.0.6(468)

Affected Versions Tenda CH22 1.0.0.6(468)

CWE Classification

CWE-22

References

{
    "lastseen": "",
    "description": "A vulnerability was detected in Tenda CH22 1.0.0.6(468). This issue affects the function R7WebsSecurityHandlerfunction of the component httpd. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used.",
    "published": "2026-04-09T16:30:16.464Z",
    "modified": "2026-04-09T19:01:37.732Z",
    "type": "cve",
    "title": "Tenda CH22 httpd R7WebsSecurityHandlerfunction path traversal",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/356515\nhttps://vuldb.com/vuln/356515/cti\nhttps://vuldb.com/submit/791277\nhttps://github.com/Litengzheng/vuldb_new/blob/main/CH22/vul_55/README.md\nhttps://www.tenda.com.cn/",
    "id": "CVE-2026-5962",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "Tenda CH22 1.0.0.6(468)",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "CH22",
    "version": "1.0.0.6(468)",
    "vendor": "Tenda",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}