CVE-2026-2000 | DCN DCME-320 up to 20260121 Web Management Backend bridge_cfg.php apply_config ip_list command injection

A vulnerability was found in DCN DCME-320 up to 20260121. It has been rated as critical. Impacted is the function apply_config of the file /function/system/basic/bridge_cfg.php of the component Web Management Backend. Performing a manipulation of the argument ip_list results in command injection.

This vulnerability is reported as CVE-2026-2000. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-2000 | DCN DCME-320 up to 20260121 Web Management Backend bridge_cfg.php apply_config ip_list command injection

Post correlati

CVE-2025-14891 | Customer Reviews for WooCommerce Plugin up to 5.93.1 on WordPress displayName cross site scripting

CVE-2025-4133 | Blog2Social Plugin up to 8.3.x on WordPress cross site scripting

CVE-2025-64190 | 8theme XStore Core Plugin up to 5.5 on WordPress cross site scripting

CVE-2024-21305 | Microsoft Windows up to Server 2022 23H2 Hypervisor-Protected Code Integrity unknown vulnerability