How to fix EUVD-2026-21313?

Within 24 hours: Inventory all Tenda i6 routers in production and identify devices running firmware 1.0.0.7(2204). Within 7 days: Isolate affected routers from untrusted networks or implement network segmentation limiting external access to administrative interfaces. Within 30 days: Monitor Tenda vendor advisories for firmware patches; if available, upgrade all vulnerable devices to patched firmware versions immediately upon release. Concurrently, evaluate replacement of Tenda i6 routers with alternative vendors offering active security support.

Is Tenda affected by EUVD-2026-21313?

CVE-2026-6024 is a critical path traversal vulnerability in Tenda i6 routers that enables unauthenticated remote attackers to read, write, or delete arbitrary files on affected devices.

EUVD-2026-21313

| CVE-2026-6024 MEDIUM

2026-04-10 VulDB

GHSA-5v5f-c63q-mm7g

6.9

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

PoC Detected

Apr 10, 2026 - 06:16 vuln.today

Public exploit code

Analysis Generated

Apr 10, 2026 - 05:45 vuln.today

EUVD ID Assigned

Apr 10, 2026 - 05:45 euvd

EUVD-2026-21313

CVE Published

Apr 10, 2026 - 05:15 nvd

MEDIUM 6.9

Description

A vulnerability was determined in Tenda i6 1.0.0.7(2204). Affected by this issue is the function R7WebsSecurityHandlerfunction of the component HTTP Handler. This manipulation causes path traversal. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.

Analysis

Path traversal in Tenda i6 router firmware 1.0.0.7(2204) allows unauthenticated remote attackers to read, write, or delete arbitrary files via malicious HTTP requests to the R7WebsSecurityHandlerfunction component. CVSS 7.3 (High) reflects network-accessible exploitation without authentication. …

Remediation

Within 24 hours: Inventory all Tenda i6 routers in production and identify devices running firmware 1.0.0.7(2204). Within 7 days: Isolate affected routers from untrusted networks or implement network segmentation limiting external access to administrative interfaces. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +34

POC: +20

EUVD-2026-21313 vulnerability details – vuln.today

Back

EUVD-2026-21313

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

EUVD-2026-21313

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code