9 matches found
CVE-2026-25111
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the restore route...
EUVD-2026-8956
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the restore route...
CVE-2026-25111
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the restore route...
CVE-2026-25111
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the restore route...
CVE-2026-25111 Copeland XWEB and XWEB Pro OS Command Injection
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the restore route...
CVE-2026-25111 Copeland XWEB and XWEB Pro OS Command Injection
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the restore route...
CVE-2026-25111
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the restore route...
CVE-2026-25111
CVE-2026-25111 concerns an OS command injection in Copeland XWEB Pro prior to 1.12.1. An authenticated attacker can achieve remote code execution by sending crafted input to the restore route, due to insufficient input validation on that endpoint. Affected software is XWEB Pro (versions before 1....
PT-2026-22261
Name of the Vulnerable Software and Affected Versions XWEB Pro versions prior to 1.12.1 Description An OS command injection issue exists that allows a logged-in attacker to execute code remotely on the system. This is achieved by submitting crafted input to the restore route. The restore route is...