Nixpkgs security tracker
Dismissed
(not in Nixpkgs)
Permalink
CVE-2026-7036
7.3 HIGH
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): Low (L)
- Integrity (I): Low (L)
- Availability (A): Low (L)
- Exploit Code Maturity (E): Proof-of-Concept (P)
- Remediation Level (RL): Not Defined (X)
- Report Confidence (RC): Reasonable (R)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): Low (L)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): Low (L)
- Modified Availability (MA): Low (L)
by @LeSuisse Activity log
- Created suggestion
- @LeSuisse dismissed (not in Nixpkgs)
Tenda i9 HTTP R7WebsSecurityHandlerfunction path traversal
A vulnerability was identified in Tenda i9 1.0.0.5(2204). This vulnerability affects the function R7WebsSecurityHandlerfunction of the component HTTP Handler. The manipulation leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
References
-
VDB-359616 | Tenda i9 HTTP R7WebsSecurityHandlerfunction path traversal vdb-entrytechnical-description
-
-
Submit #798479 | Tenda i9 V1.0.0.5(2204) Absolute Path Traversal third-party-advisory
-
https://www.tenda.com.cn/ product
Affected products
i9
- ==1.0.0.5(2204)
Matching in nixpkgs
pkgs.tests.fetchpatch.hunks
None
-
nixos-25.11 g14i9w095qp8
- nixos-25.11-small g14i9w095qp8
- nixpkgs-25.11-darwin g14i9w095qp8
pkgs.tests.fetchpatch.relative
None
-
nixos-unstable 1d6cwshw1qi9
- nixpkgs-unstable 1d6cwshw1qi9
- nixos-unstable-small 1d6cwshw1qi9