Cyber Posture

CVE-2026-5570

High · Public PoC

Published: 05 April 2026

Modified: 30 April 2026
KEV Added
Patch
CVSS Score 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS Score 0.0030 53.3th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Description

A vulnerability was determined in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. The affected element is the function index_config of the file /LoginCB. This manipulation causes improper authentication. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Mitigating Controls (NIST 800-53 r5) · AI

prevent

Requires robust identification and authentication mechanisms for users accessing the /LoginCB function, directly preventing improper authentication bypass in the device firmware.

prevent

Enforces approved authorizations following authentication, blocking unauthorized remote manipulation of the index_config function despite the vulnerability.

prevent

Mandates timely identification, reporting, and remediation of the improper authentication flaw, addressing the lack of vendor patch for this publicly disclosed CVE.

Security Summary · AI

CVE-2026-5570 is an improper authentication vulnerability (CWE-287) in the Technostrobe HI-LED-WR120-G2 device running firmware version 5.5.0.1R6.03.30. The issue affects the index_config function in the /LoginCB file, enabling manipulation that bypasses authentication mechanisms.

The vulnerability allows remote exploitation by unauthenticated attackers (PR:N) with low attack complexity (AC:L) and no user interaction (UI:N), as reflected in its CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L). Attackers can achieve limited impacts on confidentiality, integrity, and availability through authentication bypass.

Advisories referenced in VulDB entries and a GitHub repository describe the vulnerability and include a publicly disclosed exploit. The vendor was contacted early regarding disclosure but provided no response or mitigation guidance.

The exploit has been publicly disclosed and may be utilized, with no vendor patch available as of publication on 2026-04-05.

Details

CWE(s)

Affected Products

technostrobe
hi-led-wr120-g2 firmware
5.5.0.1r6.03.30

MITRE ATT&CK Enterprise Techniques · AI

T1190 · Exploit Public-Facing Application · Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The vulnerability is an improper authentication bypass in a public-facing web interface (/LoginCB), directly enabling remote unauthenticated exploitation of a public-facing application for initial access.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0
