CVE-2026-23759

🗓️ 17 Mar 2026 15:20:10Reported by VulnCheckType

Authenticated attackers can inject commands via the restricted shell ps on Perle IOLAN STS/SCS, gaining root.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2026-23759	17 Mar 202615:20	–	attackerkb
Circl	CVE-2026-23759	17 Mar 202615:16	–	circl
CNNVD	Perle IOLAN STS/SCS 操作系统命令注入漏洞	17 Mar 202600:00	–	cnnvd
Cvelist	CVE-2026-23759 Perle IOLAN STS/SCS Authenticated Command Injection via 'shell ps'	17 Mar 202615:20	–	cvelist
EUVD	EUVD-2026-12580	17 Mar 202618:30	–	euvd
NVD	CVE-2026-23759	17 Mar 202616:16	–	nvd
Positive Technologies	PT-2026-25903	17 Mar 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-23759	26 Mar 202615:03	–	redhatcve
Vulnrichment	CVE-2026-23759 Perle IOLAN STS/SCS Authenticated Command Injection via 'shell ps'	17 Mar 202615:20	–	vulnrichment

Vulners

Node

perle_systems iolan_stsRange0–6.0

perle_systems iolan_scsRange0–6.0

[
  {
    "vendor": "Perle Systems",
    "product": "IOLAN STS",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "6.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Perle Systems",
    "product": "IOLAN SCS",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "6.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
vulncheck	www.vulncheck.com/advisories/perle-iolan-sts-scs-authenticated-command-injection-via-shell-ps
perle	www.perle.com/downloads/server_sds_sts_rackmount.shtml
perle	www.perle.com/support_services/documentation_pdfs/iolan_scs-sds-sts_ug.pdf

17 Jun 2026 10:22Current

6.1Medium risk

Vulners AI Score6.1

CVSS 3.17.2

CVSS 48.6

EPSS0.01509

SSVC

CWE-78