Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-26056

A command injection vulnerability exists in the Infinxt iEdge 100 2.1.32 in the Troubleshoot module "MTR" functionality. The vulnerability is due to improper validation of user-supplied input in the mtrIp parameter. An attacker can exploit this flaw to execute arbitrary operating system commands on the underlying system with the same privileges as the web application process.

Published

2025-04-01T19:15:44.427

Last Modified

2025-04-14T18:15:28.560

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 5.4 (MEDIUM)

Weaknesses

Type: Secondary
CWE-77

Affected Vendors & Products

References

https://github.com/rohan-pt/CVE-2025-26056 ([email protected])