CVE ID :CVE-2026-22313 Published : June 16, 2026, 8:16 p.m. | 52 minutes ago Description :The device has a webserver that exposes a REST API authenticated with a token on the management network. By exploiting an OS command injection vulnerability an authenticated attacker can send arbitrary...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-22313 - OS Commands Executed with Administrative Permissions in Radiflow iSAP Smart Collector

VERWANDTEARTIKEL

CVE-2026-48777 - FileBrowser Quantum: Path Traversal in public share PATCH allows file ops outside shared directory

CVE-2026-22312 - Use of Hard-coded Credentials Vulnerability in Radiflow iSAP Smart Collector

CVE-2026-53866 - OpenClaw < 2026.5.12 - Allowlist Bypass in Shell Inline-Command Parsing

CVE-2026-53864 - OpenClaw < 2026.5.26 - Insufficient Environment Variable Sanitization in Node.js Control Variables

CVE-2026-53857 - OpenClaw < 2026.5.3 - Mutable Display Name Binding in Zalo allowFrom Policy

CVE-2026-53855 - OpenClaw < 2026.4.2 - Shell Positional Parameters Bypass in Inline-Eval Checks