CVE-2026-2667 | Rongzhitong Visual Integrated Command and Dispatch Platform up to 20260206 api?cmd=userinfo access control

A vulnerability was found in Rongzhitong Visual Integrated Command and Dispatch Platform up to 20260206. It has been classified as critical. The impacted element is an unknown function of the file /dispatch/api?cmd=userinfo. The manipulation leads to improper access controls.

This vulnerability is listed as CVE-2026-2667. The attack may be initiated remotely. In addition, an exploit is available.

It is recommended to apply restrictive firewalling.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-2667 | Rongzhitong Visual Integrated Command and Dispatch Platform up to 20260206 api?cmd=userinfo access control

Post correlati

CVE-2024-51801 | Jake Brown Brand My Footer Plugin up to 1.1 on WordPress cross site scripting

CVE-2024-47061 | udecode plate up to 21.5.0/36.5.8/38.0.5 cross site scripting (GHSA-73rg-f94j-xvhx)

CVE-2023-50785 | Zoho ManageEngine ManageEngine ADAudit Plus up to 7269 path traversal

CVE-2025-12546 | LogicalDOC Community Edition up to 9.2.1 API Key creation UI cross site scripting