10 matches found
CVE-2026-20902
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the map filename field during the map upload action of the parameters route...
EUVD-2026-8944
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the map filename field during the map upload action of the parameters route...
CVE-2026-20902
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the map filename field during the map upload action of the parameters route...
CVE-2026-20902
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the map filename field during the map upload action of the parameters route...
CVE-2026-20902 Copeland XWEB and XWEB Pro OS Command Injection
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the map filename field during the map upload action of the parameters route...
CVE-2026-20902
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the map filename field during the map upload action of the parameters route...
CVE-2026-20902
Summary of CVE-2026-20902 : An OS command injection vulnerability exists in XWEB Pro
CVE-2026-20902 Copeland XWEB and XWEB Pro OS Command Injection
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the map filename field during the map upload action of the parameters route...
Copeland多款产品 操作系统命令注入漏洞
Copeland XWEB 300D PRO, among others, are advanced commercial and industrial refrigeration monitoring and management systems developed by the American company Copeland. Several Copeland products have vulnerabilities related to operating system command injection. These vulnerabilities stem from th...
PT-2026-22250
Name of the Vulnerable Software and Affected Versions XWEB Pro versions prior to 1.12.1 Description An operating system command injection issue exists that allows an authenticated attacker to execute code remotely. This is achieved by injecting malicious input into the map filename field during t...