1.0.1
CVE-2026-5849 describes a Path Traversal vulnerability discovered in the Tenda i12 router, specifically within an unknown function of the HTTP Handler. This flaw allows attackers to potentially access unauthorized files and directories on the device. The vulnerability affects versions 1.0.0 through 1.0.0.11(3862) and has been publicly disclosed, increasing the risk of exploitation.
Successful exploitation of CVE-2026-5849 allows an attacker to traverse directories on the Tenda i12 router, potentially gaining access to sensitive configuration files, firmware images, or other data stored on the device. This could lead to unauthorized modification of router settings, data exfiltration, or even complete compromise of the device. The remote nature of the vulnerability means an attacker does not need physical access to the router, significantly expanding the potential attack surface. The impact is amplified if the router is used in a business or home network with sensitive data.
CVE-2026-5849 has been publicly disclosed, indicating a higher probability of exploitation. The vulnerability is present in a widely deployed consumer router, increasing the potential attack surface. No known active campaigns targeting this specific vulnerability have been reported as of the publication date, but the public disclosure makes it a likely target for opportunistic attackers. The vulnerability was added to the NVD on 2026-04-09.
Home and small business users who rely on Tenda i12 routers, particularly those with default configurations or outdated firmware, are at significant risk. Shared hosting environments utilizing Tenda i12 routers for network management are also vulnerable. Users who have exposed their routers directly to the internet without proper security measures are at the highest risk.
• linux / server:
journalctl -u tenda_i12 | grep -i "path traversal"
• generic web:
curl -I --path-as-is http://<router_ip>/../../../../etc/passwd
• linux / server:
lsof -i :80 | grep tenda
EPSS: 0.08% (24th percentile)
The primary mitigation for CVE-2026-5849 is to upgrade the Tenda i12 router to a patched firmware version as soon as it becomes available from Tenda. Until a patch is released, consider implementing temporary workarounds to reduce the attack surface. These include restricting network access to the router's web interface using a firewall, implementing strong password policies, and closely monitoring router logs for any suspicious activity. Consider using a Web Application Firewall (WAF) to filter potentially malicious requests. After upgrade, confirm by attempting to access restricted files via the web interface; access should be denied.
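The log monitoring recommended above, as an added example that is not part of the original advisory: a Python filter that flags requests whose target contains a `..` path segment, including percent-encoded and double-encoded forms. The log lines are constructed, and the example assumes a reverse proxy or WAF in front of the router's web interface that writes access logs in common log format.

```python
import re
from urllib.parse import unquote

# Constructed sample lines (common log format), as a reverse proxy or WAF
# in front of the router's web interface might record them (assumption).
SAMPLE_LOG = """\
192.0.2.10 - - [10/Apr/2026:08:01:12 +0000] "GET /index.html HTTP/1.1" 200 512
192.0.2.44 - - [10/Apr/2026:08:01:15 +0000] "GET /../../../../etc/passwd HTTP/1.1" 200 731
192.0.2.44 - - [10/Apr/2026:08:01:19 +0000] "GET /static/%2e%2e%2f%2e%2e%2fetc/passwd HTTP/1.1" 404 0
192.0.2.44 - - [10/Apr/2026:08:01:23 +0000] "GET /img/%252e%252e/%252e%252e/etc/shadow HTTP/1.1" 403 0
192.0.2.10 - - [10/Apr/2026:08:02:00 +0000] "GET /docs/v1..2/notes.txt HTTP/1.1" 200 90
"""

REQUEST = re.compile(r'^(\S+) .*?"[A-Z]+ (\S+) HTTP/[\d.]+" (\d{3})')
# ".." standing as a whole segment, in the path or in a query value.
DOTDOT_SEGMENT = re.compile(r'(?:^|[\\/?=&])\.\.(?:[\\/]|$)')

def fully_decode(target, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is normalized."""
    for _ in range(max_rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target

def find_traversal(log_text):
    """Return (client, raw_target, status) for requests with a '..' segment."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST.match(line)
        if not m:
            continue  # not an access-log request line
        client, target, status = m.groups()
        if DOTDOT_SEGMENT.search(fully_decode(target)):
            hits.append((client, target, int(status)))
    return hits

if __name__ == "__main__":
    for client, target, status in find_traversal(SAMPLE_LOG):
        # A 2xx answer to a traversal request means the file was served.
        outcome = "SERVED" if 200 <= status < 300 else "rejected"
        print(f"{client} {status} {outcome} {target}")
```

A hit answered with a 2xx status is the case to escalate; hits answered with 403 or 404 still show that the interface is being probed.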
Update the Tenda i12 device firmware to a version fixed by the manufacturer. Check Tenda's official website or contact technical support for more information about available updates.
CVE-2026-5849 is a Path Traversal vulnerability affecting Tenda i12 routers, allowing attackers to access unauthorized files. It has a CVSS score of 7.3 (HIGH).
You are affected if you are using a Tenda i12 router running versions 1.0.0–1.0.0.11(3862).
Upgrade your Tenda i12 router to the latest firmware version available from the Tenda support website. Implement temporary mitigations like network segmentation and WAF rules if immediate upgrade is not possible.
The vulnerability has been publicly disclosed, increasing the likelihood of exploitation. Active exploitation has not been confirmed, but is possible.
Check the Tenda support website for advisories related to CVE-2026-5849. The NVD entry (https://nvd.nist.gov/vuln/detail/CVE-2026-5849) may also contain links to vendor advisories.