2 matches found
CVE-2026-25111
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the restore route...
CVE-2026-25111
CVE-2026-25111 concerns an OS command injection in Copeland XWEB Pro prior to 1.12.1. An authenticated attacker can achieve remote code execution by sending crafted input to the restore route, due to insufficient input validation on that endpoint. Affected software is XWEB Pro (versions before 1....