CVE-2026-59800 - 9Router < 0.4.44 - OS Command Injection via sudoPassword Parameter in Tailscale Install Endpoint
CVE ID :CVE-2026-59800 Published : July 7, 2026, 6:19 p.m. | 55 minutes ago Description :9Router before 0.4.44 contains an OS command injection vulnerability in the unauthenticated POST /api/tunnel/tailscale-install endpoint (this route is not covered by the dashboard middleware matcher, so...