What is CVE-2026-6024?

CVE-2026-6024 is a high-severity vulnerability in Tenda I6, classified under Path Traversal. CVSS score: 7.3/10. Published 2026-04-10.

How severe is CVE-2026-6024?

High severity. CVSS v3 base score is 7.3 out of 10.

Path Traversal in Tenda I6

CVE-2026-6024

A vulnerability was determined in Tenda i6 1.0.0.7(2204). Affected by this issue is the function R7WebsSecurityHandlerfunction of the component HTTP Handler. This manipulation causes path traversal. It is possible to initiate the attack re…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.004 (57.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.3 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L.

Affected products

Tenda I6 — versions 1.0.0.7(2204)
Tenda I6_firmware — versions 1.0.0.7\(2204\)

Weakness classification (CWE)

CWE-22 — Path Traversal

References

VDB-356600 | Tenda i6 HTTP R7WebsSecurityHandlerfunction path traversal (technical-description, Third Party Advisory, VDB Entry, vdb-entry)
VDB-356600 | CTI Indicators (IOB, IOC, TTP, IOA) (signature, Permissions Required, permissions-required, VDB Entry)
Submit #791826 | Tenda i6 V1.0.0.7(2204) Path Traversal (Third Party Advisory, VDB Entry, third-party-advisory)
cna@vuldb.com (Exploit, Third Party Advisory, exploit)
cna@vuldb.com (Product, product)

Frequently asked questions

What is CVE-2026-6024?: CVE-2026-6024 is a high-severity vulnerability in Tenda I6, classified under Path Traversal. CVSS score: 7.3/10. Published 2026-04-10.
How severe is CVE-2026-6024?: High severity. CVSS v3 base score is 7.3 out of 10.