Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.9
Technostrobe HI-LED-WR120-G2 allows attackers to upload files remotely
CVE-2026-5573
Summary
A security weakness in the Technostrobe HI-LED-WR120-G2 software allows attackers to upload files to the device without permission. This could be done from anywhere on the internet. To protect your device, we recommend checking with the vendor for an update and applying it as soon as possible.
Original title
A weakness has been identified in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. This impacts an unknown function of the file /fs. Executing a manipulation of the argument cwd can lead to unrestrict...
Original description
A weakness has been identified in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. This impacts an unknown function of the file /fs. Executing a manipulation of the argument cwd can lead to unrestricted upload. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
nvd CVSS2.0
7.5
nvd CVSS3.1
7.3
nvd CVSS4.0
6.9
Vulnerability type
CWE-284
Improper Access Control
CWE-434
Unrestricted File Upload
Published: 5 Apr 2026 · Updated: 5 Apr 2026 · First seen: 5 Apr 2026