Platform
linux
Component
technostrobe-hi-led-wr120-g2
Fixed in
5.5.1
A critical vulnerability has been discovered in Technostrobe HI-LED-WR120-G2 firmware version 5.5.0.1R6.03.30. This vulnerability allows for unrestricted file uploads via manipulation of the 'cwd' argument within the /fs file, potentially granting attackers unauthorized access and control. The vulnerability is remotely exploitable and a public proof-of-concept exists, indicating a high likelihood of exploitation. While a fix is pending, mitigation strategies are available.
The unrestricted upload vulnerability in Technostrobe HI-LED-WR120-G2 poses a significant threat. An attacker could leverage this flaw to upload malicious files, potentially including web shells, ransomware, or other malware. Successful exploitation could lead to complete compromise of the device, allowing the attacker to control its functionality, steal sensitive data, or use it as a pivot point to attack other systems on the network. The availability of a public exploit significantly increases the risk of widespread exploitation, particularly given the device's potential use in critical infrastructure or industrial control systems. The ability to manipulate the 'cwd' argument suggests a potential for arbitrary code execution, expanding the attack surface considerably.
This vulnerability has been publicly disclosed and a proof-of-concept exploit is available, indicating a high probability of exploitation. The vendor's lack of response raises concerns about the timeliness of a potential fix. The vulnerability is not currently listed on CISA KEV, but its severity and public exploit availability warrant close monitoring. The ease of exploitation suggests that opportunistic attackers may quickly begin targeting vulnerable devices.
Exploit Status
EPSS
0.05% (15% percentile)
CISA SSVC
CVSS Vector
Due to the lack of a vendor-provided patch, immediate mitigation is crucial. First, isolate the affected HI-LED-WR120-G2 devices from the network to prevent remote exploitation. Implement strict firewall rules to block all inbound traffic to the /fs endpoint. Consider using a web application firewall (WAF) to filter potentially malicious file uploads. Monitor system logs for unusual file activity or suspicious processes. While a rollback to a previous, unaffected firmware version is not explicitly mentioned, it should be considered if available and tested thoroughly before deployment. Regularly scan the device for unauthorized files and monitor its behavior for signs of compromise.
Update the Technostrobe HI-LED-WR120-G2 device to a patched version that addresses the unrestricted upload vulnerability. Since the vendor has not responded, it is recommended to contact Technostrobe directly for information on updates or workarounds. Implement additional security measures, such as firewalls and intrusion detection systems, to mitigate the risk.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-5573 is a HIGH severity vulnerability allowing remote attackers to upload files to the Technostrobe HI-LED-WR120-G2 device via manipulation of the 'cwd' argument in the /fs file.
You are affected if you are running Technostrobe HI-LED-WR120-G2 firmware version 5.5.0.1R6.03.30 and have not implemented mitigation strategies.
A vendor patch is currently unavailable. Mitigate by isolating the device, implementing firewall rules, and using a WAF.
A public proof-of-concept exists, indicating a high probability of active exploitation.
The vendor has not yet released an advisory. Monitor Technostrobe's website and security mailing lists for updates.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.