Description
A vulnerability was detected in Tenda CH22 1.0.0.6(468). This issue affects the function R7WebsSecurityHandlerfunction of the component httpd. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used.
Published: 2026-04-09
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Remote File Disclosure or Modification
Action: Immediate Patch
AI Analysis

Impact

A path traversal flaw in the R7WebsSecurityHandlerfunction of Tenda CH22’s httpd component allows an attacker to manipulate file paths and read or alter arbitrary files on the device. The vulnerability, identified as CWE‑22, can be triggered remotely via crafted HTTP requests, potentially exposing sensitive configuration data or enabling further attacks such as code execution if the attacker can write malicious files.

Affected Systems

The affected hardware is the Tenda CH22 router with firmware version 1.0.0.6(468). No other versions or models are listed in the official CNA data.

Risk and Exploitability

The CVSS base score of 6.9 indicates medium to high severity. EPSS information is not available, and the issue is not currently listed in the CISA KEV catalog. However, a public exploit exists, implying that attackers can exploit this weakness from outside the local network if the device’s web interface is reachable.

Generated by OpenCVE AI on April 9, 2026 at 18:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware patch or upgrade the device to a version that fixes the path traversal flaw as released by Tenda.
  • If a patch is not yet available, disable or block external access to the device’s HTTP interface using a firewall or by placing the router on an isolated network segment.
  • Monitor web server logs for suspicious requests targeting the affected handler and investigate any unauthorized read/write attempts.

Advisories

No advisories yet.

History

Thu, 30 Apr 2026 15:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:h:tenda:ch22:-:*:*:*:*:*:*:*
cpe:2.3:o:tenda:ch22_firmware:1.0.0.6\(468\):*:*:*:*:*:*:*

Fri, 10 Apr 2026 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Tenda ch22
Vendors & Products Tenda ch22

Fri, 10 Apr 2026 04:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 09 Apr 2026 17:00:00 +0000

Type Values Removed Values Added
Description A vulnerability was detected in Tenda CH22 1.0.0.6(468). This issue affects the function R7WebsSecurityHandlerfunction of the component httpd. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used.
Title Tenda CH22 httpd R7WebsSecurityHandlerfunction path traversal
First Time appeared Tenda
Tenda ch22 Firmware
Weaknesses CWE-22
CPEs cpe:2.3:o:tenda:ch22_firmware:*:*:*:*:*:*:*:*
Vendors & Products Tenda
Tenda ch22 Firmware
References
Metrics cvssV2_0

{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-09T19:01:37.732Z

Reserved: 2026-04-09T10:03:15.706Z

Link: CVE-2026-5962

Vulnrichment

Updated: 2026-04-09T19:01:20.442Z

NVD

Status: Analyzed

Published: 2026-04-09T17:16:35.037

Modified: 2026-04-30T15:38:43.107

Link: CVE-2026-5962

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-10T09:32:09Z

Weaknesses