Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/02/28 1:55 a.m.5 views

CVE-2026-24517

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the firmware update route...

8CVSS6.6AI score0.01589EPSS
Exploits0References1
NVD
NVD
added 2026/02/27 1:16 a.m.9 views

CVE-2026-24517

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the firmware update route...

8CVSS0.01589EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/27 12:45 a.m.3 views

CVE-2026-25195

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by supplying a crafted firmware update file via the firmware update route...

8CVSS6.4AI score0.01447EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/27 12:45 a.m.22 views

CVE-2026-25195 Copeland XWEB and XWEB Pro OS Command Injection

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by supplying a crafted firmware update file via the firmware update route...

8CVSS0.01447EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/27 12:43 a.m.24 views

CVE-2026-24517 Copeland XWEB and XWEB Pro OS Command Injection

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the firmware update route...

8CVSS0.01589EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/27 12:43 a.m.6 views

CVE-2026-24517 Copeland XWEB and XWEB Pro OS Command Injection

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the firmware update route...

8CVSS6.6AI score0.01589EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/27 12:43 a.m.5 views

CVE-2026-24517

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the firmware update route...

8CVSS6.4AI score0.01589EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/27 12:0 a.m.10 views

PT-2026-22255

Name of the Vulnerable Software and Affected Versions XWEB Pro versions prior to 1.12.1 Description An operating system command injection issue exists, allowing an authenticated attacker to execute code remotely. This is achieved by submitting crafted input to the firmware update route. The issue...

8CVSS6.1AI score0.01589EPSS
Exploits0References9
Rows per page
Query Builder