Platform
tenda
Component
tenda
Fixed in
1.0.1
CVE-2026-5841 is a path traversal vulnerability affecting the Tenda i3 router, specifically within the R7WebsSecurityHandler component of the HTTP Handler. Successful exploitation allows an attacker to traverse directories and potentially access sensitive files on the device. This vulnerability impacts versions 1.0.0 through 1.0.0.6(2204) of the Tenda i3 firmware. A fix is pending from Tenda.
The path traversal vulnerability in the Tenda i3 router presents a significant security risk. An attacker can exploit this flaw to read arbitrary files from the router's file system. This could include configuration files containing passwords, SSH keys, or other sensitive credentials. Furthermore, depending on the router's configuration and file permissions, an attacker might be able to modify critical system files, leading to a complete compromise of the device. The remote nature of the exploit means an attacker does not need physical access to the router, only network connectivity. Given the widespread use of routers as entry points into home and small business networks, a successful attack could provide a foothold for lateral movement and further compromise of the internal network.
CVE-2026-5841 has been publicly disclosed, and a proof-of-concept exploit is available, increasing the likelihood of exploitation. The vulnerability's severity is rated as HIGH (CVSS 7.3). As of the publication date (2026-04-09), there is no indication of active campaigns targeting this specific vulnerability. The EPSS score is pending evaluation, but the public availability of the exploit suggests a medium to high probability of exploitation if the vulnerability remains unpatched.
Exploit Status
EPSS
0.08% (24% percentile)
CISA SSVC
CVSS Vector
Currently, Tenda has not released a patch for CVE-2026-5841. Until a firmware update is available, several mitigation strategies can be employed. First, restrict network access to the router's web interface using a firewall, allowing only trusted IP addresses to connect. Consider implementing a Web Application Firewall (WAF) or reverse proxy with strict access controls to filter potentially malicious requests targeting the R7WebsSecurityHandler. Regularly monitor router logs for suspicious activity, such as unusual file access attempts. If possible, isolate the router on a separate VLAN to limit the impact of a potential compromise. After a firmware upgrade is released, confirm the vulnerability is resolved by attempting a path traversal attack and verifying that access is denied.
Actualice el firmware del dispositivo Tenda i3 a una versión corregida por el fabricante. Consulte el sitio web de soporte de Tenda para obtener más información sobre las actualizaciones de firmware disponibles.
Vulnerability analysis and critical alerts directly to your inbox.
It's a path traversal vulnerability in the Tenda i3 router's HTTP Handler, allowing attackers to access sensitive files remotely.
If you're using a Tenda i3 router running firmware versions 1.0.0 through 1.0.0.6(2204), you are potentially affected by this vulnerability.
Upgrade to the latest firmware version from Tenda when a patch is released. Until then, implement mitigation strategies like firewall restrictions and WAF rules.
A proof-of-concept exploit is publicly available, increasing the risk of exploitation if the vulnerability remains unpatched.
Refer to the National Vulnerability Database (NVD) entry for CVE-2026-5841 for detailed information and updates: [https://nvd.nist.gov/vuln/detail/CVE-2026-5841](https://nvd.nist.gov/vuln/detail/CVE-2026-5841)
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.