CVE-2025-26856 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in UD-LT2 firmware Ver.1.00.008_SE and earlier. If an at…
High CVSS: 7.2

CVE-2025-26856

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in UD-LT2 firmware Ver.1.00.008_SE and earlier. If an attacker logs in to the affected product with an administrative account and manipulates requests for a certain screen operation, an arbitrary OS command may be executed. This vulnerability was reported on a different screen operation from CVE-2025-20617.
Vendor
-
Product
-
CWE
CWE-78
Yayın Tarihi
2025-02-20 06:15:21
Güncelleme
2025-02-20 06:15:21
Source Identifier
vultures@jpcert.or.jp
KEV Date Added
-

Kategoriler

CWE-78 HIGH 2025

Referanslar

https://jvn.jp/en/jp/JVN15293958/ https://www.iodata.jp/support/information/2025/01_ud-lt2/