Vulnerabilities ›

CVE-2026-5571

Medium

A vulnerability was identified in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. The impacted element is an unknown funct

CWE-200 — Weakness Type

                    Published: Apr 5, 2026                      ·  Modified: Apr 8, 2026                      ·  Source: NVD                

CVSS v3

5.3

🔗 NVD Official

📄 Description (English)

A vulnerability was identified in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. The impacted element is an unknown function of the file /fs of the component Configuration Data Handler. Such manipulation of the argument File leads to information disclosure. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

🤖 AI Executive Summary

CVE-2026-5571 is a medium-severity information disclosure vulnerability in Technostrobe HI-LED-WR120-G2 firmware version 5.5.0.1R6.03.30 affecting the Configuration Data Handler component. The vulnerability allows remote attackers to manipulate file arguments and access sensitive configuration data through the /fs endpoint.

📄 Description (Arabic)

تؤثر هذه الثغرة على معالج بيانات التكوين في جهاز Technostrobe HI-LED-WR120-G2 وتسمح بالوصول غير المصرح إلى بيانات التكوين الحساسة من خلال معالجة معاملات الملفات. يمكن استغلال الثغرة عن بعد ولديها استغلالات متاحة للجمهور.

🤖 ملخص تنفيذي (AI)

A medium-severity information disclosure vulnerability exists in Technostrobe HI-LED-WR120-G2 firmware that allows remote attackers to access sensitive configuration data. The vulnerability affects the Configuration Data Handler component and has publicly available exploits.

🤖 AI Intelligence Analysis Analyzed: May 29, 2026 18:07

🇸🇦 Saudi Arabia Impact Assessment

Saudi Relevance: medium

🏢 Affected Saudi Sectors

government telecom energy

🎯 MITRE ATT&CK Techniques

T1526 T1592 T1040

⚖️ Saudi Risk Score (AI)

5.0

/ 10.0

🔧 Remediation Steps (English)

Immediately update Technostrobe HI-LED-WR120-G2 firmware to the latest patched version. If updates are unavailable, implement network segmentation to restrict access to the /fs endpoint, disable remote configuration access, and monitor for suspicious file access attempts. Contact Technostrobe support for security patches.

🔧 خطوات المعالجة (العربية)

قم بتحديث برنامج Technostrobe HI-LED-WR120-G2 الثابت إلى أحدث إصدار معدل. إذا لم تكن التحديثات متاحة، قم بتطبيق تقسيم الشبكة لتقييد الوصول إلى نقطة نهاية /fs، وتعطيل الوصول البعيد للتكوين، ومراقبة محاولات الوصول إلى الملفات المريبة. اتصل بدعم Technostrobe للحصول على تصحيحات أمنية.

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

A.7.1.1 A.7.1.2 A.9.1.1

🔵 SAMA CSF

ID.AM-2 PR.AC-1 PR.AC-3

🟡 ISO 27001:2022

A.6.1.2 A.7.1.1 A.9.1.1 A.9.2.1

🔗 References & Sources 4

🔗

https://github.com/shiky8/my--cve-vulnerability-research/blob/main/my_VulnDB_cves/CVE-T...

cna@vuldb.com

🔗

https://vuldb.com/submit/783324

cna@vuldb.com

🔗

https://vuldb.com/vuln/355341

cna@vuldb.com

🔗

https://vuldb.com/vuln/355341/cti

cna@vuldb.com

📊 CVSS Score

5.3

/ 10.0 — Medium

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredN — None / Network

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityL — Low / Local

IntegrityN — None / Network

AvailabilityN — None / Network

📋 Quick Facts

Severity Medium

CVSS Score5.3

CWECWE-200

EPSS0.03%

Exploit No

Patch ✗ No

Published 2026-04-05

Source Feed nvd

🇸🇦 Saudi Risk Score

5.0

/ 10.0 — Saudi Risk

Priority: MEDIUM

🏷️ Tags

CWE-200

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

💬 Comments

Loading comments

CVE-2026-5571

💬 Comments

Introduce Yourself

Sign In Required