Tenda i9 HTTP R7WebsSecurityHandlerfunction path traversal_CVE-2026-7036

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was identified in Tenda i9 1.0.0.5(2204). This vulnerability affects the function R7WebsSecurityHandlerfunction of the component HTTP Handler. The manipulation leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

Basic Information

ID CVE-2026-7036

Source VulDB

Published Apr 26, 2026 at 11:30

Affected Product

Vendor Tenda

Product i9

Version 1.0.0.5(2204)

Affected Versions Tenda i9 1.0.0.5(2204)

CWE Classification

CWE-22

References

{
    "lastseen": "",
    "description": "A vulnerability was identified in Tenda i9 1.0.0.5(2204). This vulnerability affects the function R7WebsSecurityHandlerfunction of the component HTTP Handler. The manipulation leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.",
    "published": "2026-04-26T11:30:14.570Z",
    "modified": "2026-04-26T11:30:14.570Z",
    "type": "cve",
    "title": "Tenda i9 HTTP R7WebsSecurityHandlerfunction path traversal",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/359616\nhttps://vuldb.com/vuln/359616/cti\nhttps://vuldb.com/submit/798479\nhttps://github.com/Litengzheng/vuldb_new/blob/main/M3/vul_80/README.md\nhttps://www.tenda.com.cn/",
    "id": "CVE-2026-7036",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "Tenda i9 1.0.0.5(2204)",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "i9",
    "version": "1.0.0.5(2204)",
    "vendor": "Tenda",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}