Cyber Resilience

CVE-2026-5570

MediumPublic PoC

Published: 05 April 2026

Published
05 April 2026
Modified
30 April 2026
KEV Added
Patch
CVSS Score v4 5.5 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0060 44.0th percentile
Risk Priority 35 floored blend · peak EPSS

Summary

CVE-2026-5570 is a medium-severity Improper Authentication (CWE-287) vulnerability in Technostrobe Hi-Led-Wr120-G2 Firmware. Its CVSS base score is 5.5 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 44.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and IA-2 (Identification and Authentication (Organizational Users)).

Deeper analysis

CVE-2026-5570 is an improper authentication vulnerability (CWE-287) in the Technostrobe HI-LED-WR120-G2 device running firmware version 5.5.0.1R6.03.30. The issue affects the index_config function in the /LoginCB file, enabling manipulation that bypasses authentication mechanisms.

The vulnerability allows remote exploitation by unauthenticated attackers (PR:N) with low attack complexity (AC:L) and no user interaction (UI:N), as reflected in its CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L). Attackers can achieve limited impacts on confidentiality, integrity, and availability through authentication bypass.

Advisories referenced in VulDB entries and a GitHub repository describe the vulnerability and include a publicly disclosed exploit. The vendor was contacted early regarding disclosure but provided no response or mitigation guidance.

The exploit has been publicly disclosed and may be utilized, with no vendor patch available as of publication on 2026-04-05.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

A vulnerability was determined in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. The affected element is the function index_config of the file /LoginCB. This manipulation causes improper authentication. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may…

more

be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The vulnerability is an improper authentication bypass in a public-facing web interface (/LoginCB), directly enabling remote unauthenticated exploitation of a public-facing application for initial access.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-5569Same product: Technostrobe Hi-Led-Wr120-G2
CVE-2026-5574Same product: Technostrobe Hi-Led-Wr120-G2
CVE-2026-5571Same product: Technostrobe Hi-Led-Wr120-G2
CVE-2026-5573Same product: Technostrobe Hi-Led-Wr120-G2
CVE-2025-1044Shared CWE-287
CVE-2026-1740Shared CWE-287
CVE-2026-7022Shared CWE-287
CVE-2024-13111Shared CWE-287
CVE-2026-29145Shared CWE-287
CVE-2018-25236Shared CWE-287

Affected Assets

technostrobe
hi-led-wr120-g2 firmware
5.5.0.1r6.03.30

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires robust identification and authentication mechanisms for users accessing the /LoginCB function, directly preventing improper authentication bypass in the device firmware.

prevent

Enforces approved authorizations following authentication, blocking unauthorized remote manipulation of the index_config function despite the vulnerability.

prevent

Mandates timely identification, reporting, and remediation of the improper authentication flaw, addressing the lack of vendor patch for this publicly disclosed CVE.

References