CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2026-22313

CRITICAL
9.1
CVSS Severity Score
EPSS Score0.0860%
EPSS Percentile40.29th
Published2026年6月16日
Last Modified2026年6月16日

Vulnerability Description

The device has a webserver that exposes a REST API authenticated with a token on the management network. By exploiting an OS command injection vulnerability an authenticated attacker can send arbitrary commands to the device that are executed with administrative permissions by the underlying operating system.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 https://www.cvcn.gov.it/cvcn/cve/CVE-2026-22313

相關漏洞威脅

CVE-2026-5270410.0

Improper Control of Generation of Code ('Code Injection') vulnerability in Edgar Rojas WooCommerce PDF Invoice Builder allows Remo...

CVE-2026-1061110.0

An authentication bypass vulnerability exists in MISP when LDAP mixed authentication is enabled with OTP enforcement. In deploymen...

CVE-2026-4855810.0

SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authe...

CVE-2026-2012710.0

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN M...