CVE-2026-27479 | ellite Wallos up to 4.6.0 getLogoFromUrl server-side request forgery (GHSA-fgmf-7g5v-jmjg)

Inserito da Angelo Barbosa | Feb 21, 2026 | CVE

A vulnerability identified as critical has been detected in ellite Wallos up to 4.6.0. This issue affects the function getLogoFromUrl. Performing a manipulation results in server-side request forgery.

This vulnerability is reported as CVE-2026-27479. The attack is possible to be carried out remotely. No exploit exists.

You should upgrade the affected component.

CVE-2026-27479 | ellite Wallos up to 4.6.0 getLogoFromUrl server-side request forgery (GHSA-fgmf-7g5v-jmjg)

Post correlati

CVE-2024-24117 | Ruijie RG-NBS2009G-P 10.4(1)P2 Release (9736) Login Check State permission

CVE-2025-21636 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 sctp null pointer dereference

CVE-2024-44996 | Linux Kernel up to 6.6.47/6.10.6 vsock_bpf_recvmsg Privilege Escalation (921f1acf0c3c/b4ee8cf1acc5/69139d2919dd)

CVE-2025-9146 | Linksys E5600 1.1.0.26 Firmware checkFw.sh verify_gemtek_header risky encryption