CVE-2026-5849
Published: 09 April 2026
Description
A vulnerability was determined in Tenda i12 1.0.0.11(3862). The impacted element is an unknown function of the component HTTP Handler. Executing a manipulation can lead to path traversal. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.
Mitigating Controls (NIST 800-53 r5)
Directly mitigates path traversal by requiring validation of HTTP handler inputs to block or sanitize directory traversal sequences like '../'.
Mandates identification and remediation of the specific path traversal flaw in the Tenda i12 firmware via patching or updates.
Boundary protection at external interfaces can inspect and block remote path traversal attempts targeting the HTTP handler.
Security Summary
CVE-2026-5849 is a path traversal vulnerability (CWE-22) in Tenda i12 firmware version 1.0.0.11(3862). The issue affects an unknown function within the HTTP Handler component, where manipulation enables traversal outside intended directories.
The vulnerability can be exploited remotely by unauthenticated attackers with low complexity, as reflected in its CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L). Successful exploitation grants limited access to read, modify, or disrupt files, potentially compromising device integrity and exposing sensitive data.
Advisories and details are available via VulDB entries (https://vuldb.com/vuln/356375, https://vuldb.com/vuln/356375/cti, https://vuldb.com/submit/791217) and the vendor site (https://www.tenda.com.cn/). A proof-of-concept exploit is publicly disclosed on GitHub (https://github.com/Litengzheng/vuldb_new/blob/main/i12/vul_110/README.md) and may be utilized in attacks.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Path traversal in the HTTP handler of public-facing router firmware enables remote exploitation (T1190) and file read access that can be used to dump the network device configuration (T1602.002).