CVE-2026-25085

A vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, in which an unexpected return value from the authentication routine is later on processed as a legitimate value, resulting in an authentication bypass...

EUVD-2026-8954

A vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, in which an unexpected return value from the authentication routine is later on processed as a legitimate value, resulting in an authentication bypass...

CVE-2026-25085

A vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, in which an unexpected return value from the authentication routine is later on processed as a legitimate value, resulting in an authentication bypass...

CVE-2026-22877 Copeland XWEB and XWEB Pro Path Traversal

An arbitrary file-read vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling unauthenticated attackers to read arbitrary files on the system, and potentially causing a denial-of-service attack...

CVE-2026-24517

CVE-2026-24517 affects XWEB Pro prior to 1.12.1. An authenticated user can exploit an OS command injection via the firmware update route to achieve remote code execution on affected systems. Root cause: input crafted in firmware update requests leads to command injection. Impact: remote code exec...

CVE-2026-25085 Copeland XWEB and XWEB Pro Unexpected Status Code or Return Value

A vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, in which an unexpected return value from the authentication routine is later on processed as a legitimate value, resulting in an authentication bypass...

PT-2026-22259

Name of the Vulnerable Software and Affected Versions Copeland XWEB Pro versions prior to 1.12.1 Description A flaw exists that allows an authentication bypass due to improper handling of return values from the authentication routine. The software processes an unexpected return value as legitimat...