CVE-2026-5571

MEDIUM

Technostrobe HI-LED-WR120-G2 Configuration Data fs information disclosure

Title source: cna

Description

A vulnerability was identified in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. The impacted element is an unknown function of the file /fs of the component Configuration Data Handler. Such manipulation of the argument File leads to information disclosure. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

References (4)

Core 4

Core References

Vdb Entry, Technical Description vdb-entry technical-description

VDB-355341 | Technostrobe HI-LED-WR120-G2 Configuration Data fs information disclosure

https://vuldb.com/vuln/355341

Signature, Permissions Required signature permissions-required

VDB-355341 | CTI Indicators (IOB, IOC, TTP, IOA)

https://vuldb.com/vuln/355341/cti

Third Party Advisory third-party-advisory

Submit #783324 | Technostrobe HI-LED-WR120-G2 Obstruction Lighting Controller 5.5.0.1R6.03.30 Information Disclosure

https://vuldb.com/submit/783324

Exploit exploit

https://github.com/shiky8/my--cve-vulnerability-research/blob/main/my_VulnDB_cves/CVE-TECHNOSTROBE-03-InfoDisclosure.md

View Exploit ZIP pw:eip

Scores

CVSS v3 5.3

EPSS 0.0047

EPSS Percentile 37.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-200 CWE-284

Status published

Products (2)

Technostrobe/HI-LED-WR120-G2 5.5.0.1R6.03.30

technostrobe/hi-led-wr120-g2_firmware 5.5.0.1r6.03.30

Published Apr 05, 2026

Tracked Since Apr 05, 2026