CVE-2026-5573

HIGH

Technostrobe HI-LED-WR120-G2 fs unrestricted upload

Title source: cna

Description

A weakness has been identified in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. This impacts an unknown function of the file /fs. Executing a manipulation of the argument cwd can lead to unrestricted upload. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

References (4)

Scores

CVSS v3 7.3
EPSS 0.0002
EPSS Percentile 3.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Details

CWE
CWE-284 CWE-434
Status published
Products (1)
Technostrobe/HI-LED-WR120-G2 5.5.0.1R6.03.30
Published Apr 05, 2026
Tracked Since Apr 05, 2026