Cyber Posture

CVE-2026-5962

High · Public PoC

Published: 09 April 2026
Modified: 30 April 2026
KEV Added:
Patch:
CVSS Score: 7.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
EPSS Score: 0.0024 (46.8th percentile)
Risk Priority: 15 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Description

A vulnerability was detected in Tenda CH22 1.0.0.6(468). The issue affects the function R7WebsSecurityHandler of the httpd component. Manipulation of its input results in path traversal. The attack may be launched remotely. The exploit is public and may be used.

Mitigating Controls (NIST 800-53 r5) [AI]

- prevent: Timely flaw remediation directly patches the path traversal vulnerability in the R7WebsSecurityHandler function of the httpd component, preventing remote exploitation.
- prevent: Information input validation rejects malicious path traversal payloads sent to the vulnerable web handler, blocking unauthorized file access.
- prevent: Access enforcement mediates file access requests, limiting the damage from a successful path traversal by denying unauthorized reads or writes outside the intended directories.
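As an added defensive illustration (not code from this advisory, from VulDB, or from Tenda), the input validation and access enforcement controls above are shown as a path-confinement check for a web handler, plus a detection pass over constructed access-log lines. The document root and the log lines are assumptions.

```python
import os
import re
from urllib.parse import unquote
WEB_ROOT = "/var/www/htdocs"  # assumed document root, not from the advisory

class PathTraversalError(ValueError):
    """Raised when a request path would escape the document root."""

def resolve_request_path(web_root: str, request_path: str) -> str:
    """Map a URL path to a file under web_root or raise. Decoding happens
    before the checks so %2e%2e and double encoding cannot bypass them."""
    decoded = request_path
    for _ in range(2):                         # undo double encoding
        decoded = unquote(decoded)
    if "\x00" in decoded:
        raise PathTraversalError("NUL byte in request path")
    decoded = decoded.replace("\\", "/")       # backslash is a separator too
    if ".." in decoded.split("/"):
        raise PathTraversalError("dot-dot segment in request path")
    root = os.path.realpath(web_root)
    candidate = os.path.realpath(os.path.join(root, decoded.lstrip("/")))
    if candidate != root and not candidate.startswith(root + os.sep):
        raise PathTraversalError("canonical path is outside the web root")
    return candidate

def is_safe_request_path(web_root: str, request_path: str) -> bool:
    try:
        resolve_request_path(web_root, request_path)
        return True
    except PathTraversalError:
        return False

# Traversal markers in a request target: raw, URL-encoded, double-encoded.
TRAVERSAL_RE = re.compile(r"\.\.[\\/]|%2e%2e|%252e", re.IGNORECASE)

def flag_traversal_attempts(log_lines):
    """Return access-log lines whose request target carries a traversal
    marker, for alerting on attempts against the device's httpd."""
    hits = []
    for line in log_lines:
        m = re.search(r'"(?:GET|POST|HEAD) (\S+)', line)
        if m and TRAVERSAL_RE.search(m.group(1)):
            hits.append(line)
    return hits

# Constructed sample access-log lines (not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [09/Apr/2026:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512',
    '192.0.2.11 - - [09/Apr/2026:10:00:02 +0000] "GET /../../etc/passwd HTTP/1.1" 200 1024',
    '192.0.2.12 - - [09/Apr/2026:10:00:03 +0000] "GET /%2e%2e/%2e%2e/etc/passwd HTTP/1.1" 200 1024',
]
```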

Security Summary [AI]

CVE-2026-5962 is a path traversal vulnerability (CWE-22) in Tenda CH22 firmware version 1.0.0.6(468). The issue affects the R7WebsSecurityHandler function within the httpd component, enabling manipulation that leads to unauthorized file access outside the intended directories.

The vulnerability is exploitable remotely by unauthenticated attackers, with low attack complexity and no user interaction, per its CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L). Successful exploitation has a limited impact on confidentiality, integrity, and availability, such as reading or modifying restricted files.

Advisories and additional details are documented in VulDB entries (vuldb.com/vuln/356515 and related pages) and a GitHub repository containing a public exploit (github.com/Litengzheng/vuldb_new/blob/main/CH22/vul_55/README.md). The Tenda website (tenda.com.cn) provides manufacturer resources, which security practitioners should review for patch availability or mitigation steps.

The exploit is public and may be used, posing elevated risk to unpatched Tenda CH22 devices exposed to the internet.

Details

CWE(s): CWE-22 (path traversal)
Affected Products: tenda, ch22 firmware, version 1.0.0.6(468)

MITRE ATT&CK Enterprise Techniques [AI]

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

Why these techniques?

The path traversal vulnerability in the device's public-facing httpd web interface allows an unauthenticated remote attacker to exploit the application for unauthorized file access.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References