CVE-2026-26478 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A shell command injection vulnerability in Mobvoi Tichome Mini smart speaker 012-18853 and 027-58389 allows remote attackers to send a specially crafted UDP dat…
Critical CVSS: 9.8

CVE-2026-26478

A shell command injection vulnerability in Mobvoi Tichome Mini smart speaker 012-18853 and 027-58389 allows remote attackers to send a specially crafted UDP datagram and execute arbitrary shell code as the root account.
Vendor
Mobvoi
Product
Tichome Mini Firmware
CWE
CWE-78
Yayın Tarihi
2026-03-04 16:16:27
Güncelleme
2026-03-05 18:13:33
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-78 Tichome Mini Firmware CRITICAL Mobvoi 2026

Referanslar

https://github.com/pastcompute/tichome-poc-1 https://web.archive.org/web/20171202094530/