CVE-2026-5841 - Vulnerability Details

- Tenda i3 HTTP R7WebsSecurityHandler path traversal

Description

A weakness has been identified in Tenda i3 1.0.0.6(2204). The affected element is the function R7WebsSecurityHandler of the component HTTP Handler. Executing a manipulation can lead to path traversal. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.

Published: 2026-04-09

Score: 6.9 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

A path traversal flaw exists in the R7WebsSecurityHandler component of Tenda i3’s HTTP handler. Unauthenticated attackers can send crafted HTTP requests that manipulate the path parameter, causing the device to resolve the path outside the intended directory. This CWE‑22 weakness enables remote read access to critical configuration files, logs, or other sensitive data, potentially compromising confidentiality and integrity of the device’s system files.

Affected Systems

The vulnerability impacts Tenda i3 routers running firmware version 1.0.0.6(2204). No other vendors or product versions are reported to be affected.

Risk and Exploitability

The CVSS score of 6.9 indicates medium severity, and the description confirms the attack can be performed remotely via the web interface. Exploit code has been made publicly available, implying that the flaw is actively used by attackers. Although EPSS data is not provided and the flaw is not listed in KEV, the presence of public exploits demonstrates a non‑negligible risk for devices exposed to the Internet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Tenda

affected

Version	Status	Constraints
`1.0.0.6(2204)`	affected	—

No data.

Vendor Product Confidence Versions

Tenda

100%

Version	Status	Scheme	Platform
`1.0.0.6(2204)`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Obtain and install the latest firmware from Tenda that addresses the path traversal flaw.
If a firmware update is not yet available, restrict external access to the router’s web interface by configuring the device or upstream firewall to accept management traffic only from trusted IP ranges.
Configure the router to block requests containing directory traversal sequences such as ".." or encoded equivalents, if the device supports custom firewall rules.
Monitor the device logs for anomalous file access requests and notify administrators if suspicious activity is detected.
Maintain an inventory of all Tenda i3 devices and ensure those running firmware 1.0.0.6(2204) are either updated or isolated until a fix is applied.

Generated by OpenCVE AI on April 9, 2026 at 07:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00084.

Exploitation poc

Automatable yes

Technical Impact partial

References

Link	Providers
https://github.com/MrXiaoFan/TendaVul/tree/main/tenda-i3-V1.0.0.6(2204)-R7WebsSecurityHandler-Authentication%20Bypass%20Issues
https://vuldb.com/submit/789935
https://vuldb.com/vuln/356297
https://vuldb.com/vuln/356297/cti
https://www.tenda.com.cn/

History

Thu, 09 Apr 2026 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 09 Apr 2026 08:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Tenda i3
Vendors & Products		Tenda i3

Thu, 09 Apr 2026 05:15:00 +0000

Type	Values Removed	Values Added
Description		A weakness has been identified in Tenda i3 1.0.0.6(2204). The affected element is the function R7WebsSecurityHandler of the component HTTP Handler. Executing a manipulation can lead to path traversal. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.
Title		Tenda i3 HTTP R7WebsSecurityHandler path traversal
First Time appeared		Tenda Tenda i3 Firmware
Weaknesses		CWE-22
CPEs		cpe:2.3:o:tenda:i3_firmware::::::::
Vendors & Products		Tenda Tenda i3 Firmware
References		https://github.com/MrXiaoFan/TendaVul/tree/main/tenda-i3-V1.0.0.6(2204)-R7WebsSecurityHandler-Authentication%20Bypass%20Issues https://vuldb.com/submit/789935 https://vuldb.com/vuln/356297 https://vuldb.com/vuln/356297/cti https://www.tenda.com.cn/
Metrics		cvssV2_0 `{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}` cvssV3_0 `{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}` cvssV3_1 `{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}` cvssV4_0 `{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}`

Subscriptions

Tenda I3 I3 Firmware

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-04-09T04:15:19.245Z

Updated: 2026-04-09T13:27:56.313Z

Reserved: 2026-04-08T17:35:42.288Z

Link: CVE-2026-5841

Vulnrichment

Updated: 2026-04-09T13:27:52.555Z

NVD

Status : Received

Published: 2026-04-09T05:16:06.187

Modified: 2026-04-09T05:16:06.187

Link: CVE-2026-5841

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-09T08:24:59Z

Weaknesses

CWE-22

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Exploitation poc

Automatable yes

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object