CVE-2026-7036

HIGH NVD

CVSS Score 7.3

Severity HIGH

Published Apr 26, 2026

Vendor unknown

Description

A vulnerability was identified in Tenda i9 1.0.0.5(2204). This vulnerability affects the function R7WebsSecurityHandlerfunction of the component HTTP Handler. The manipulation leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

References

https://github.com/Litengzheng/vuldb_new/blob/main/M3/vul_80/README.md
https://vuldb.com/submit/798479
https://vuldb.com/vuln/359616
https://vuldb.com/vuln/359616/cti
https://www.tenda.com.cn/