CVE-2026-1802 | Ziroom ZHOME A0101 1.0.1.0 zrMacClone.lua macAddrClone macType command injection

Inserito da Angelo Barbosa | Feb 3, 2026 | CVE

A vulnerability categorized as critical has been discovered in Ziroom ZHOME A0101 1.0.1.0. This issue affects the function macAddrClone of the file lucicontrollerapizrMacClone.lua. The manipulation of the argument macType results in command injection.

This vulnerability is cataloged as CVE-2026-1802. The attack may be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-1802 | Ziroom ZHOME A0101 1.0.1.0 zrMacClone.lua macAddrClone macType command injection

Post correlati

CVE-2024-42350 | biscuit-auth biscuit 3 exposure of resource

CVE-2024-7928 | FastAdmin up to 1.3.3.20220121 /index/ajax/lang path traversal

CVE-2025-6272 | wasm3 0.5.0 source/m3_compile.c MarkSlotAllocated out-of-bounds write

CVE-2024-20798 | Adobe Illustrator up to 27.9.2/28.3 out-of-bounds (apsb24-25)