CVE-2026-5526

CWE-266CWE-284Improper Access Control3 documents3 sources
Severity
6.9MEDIUM
EPSS
0.1%
top 84.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Tenda 4g03 PRO
Timeline
PublishedApr 4
Latest updateApr 5

Description

A security flaw has been discovered in Tenda 4G03 Pro up to 1.0/1.1/04.03.01.53/192.168.0.1. Affected by this vulnerability is an unknown functionality of the file /bin/httpd. The manipulation results in improper access controls. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Packages1 packages

CVEListV5tenda/4g03_pro58 versions+57

🔴Vulnerability Details

2
GHSA
GHSA-6j5r-7fc4-q42h: A security flaw has been discovered in Tenda 4G03 Pro up to 12026-04-05
CVEList
Tenda 4G03 Pro httpd access control2026-04-04
CVE-2026-5526 (MEDIUM CVSS 6.9) | A security flaw has been discovered | cvebase.io