CVE-2026-5574 | Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30 FsBrowseClean deletefile dir/path authorization

Inserito da Angelo Barbosa | Apr 4, 2026 | CVE

A vulnerability identified as problematic has been detected in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. Affected is the function deletefile of the component FsBrowseClean. The manipulation of the argument dir/path leads to missing authorization.

This vulnerability is listed as CVE-2026-5574. The attack may be initiated remotely. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-5574 | Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30 FsBrowseClean deletefile dir/path authorization

Post correlati

CVE-2025-22891 | F5 BIG-IP up to 16.1.4/17.1.1 Diameter Endpoint release of resource (K000139778)

CVE-2024-3473 | Header Footer Code Manager Pro Plugin up to 1.0.16 on WordPress Message cross site scripting

CVE-2023-51612 | Kofax Power PDF JP2 File Parser use after free (ZDI-23-1913)

CVE-2023-52471 | Linux Kernel up to 6.7.1 ice_ptp.c devm_kasprintf null pointer dereference (3cd9b9bee33f/3027e7b15b02)