CVE-2026-2670 | Advantech WISE-6610 1.2.1_20251110 Background Management openvpn_apply delete_file os command injection

Inserito da Angelo Barbosa | Feb 18, 2026 | CVE

A vulnerability categorized as critical has been discovered in Advantech WISE-6610 1.2.1_20251110. Affected is an unknown function of the file /cgi-bin/luci/admin/openvpn_apply of the component Background Management. Such manipulation of the argument delete_file leads to os command injection.

This vulnerability is documented as CVE-2026-2670. The attack can be executed remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-2670 | Advantech WISE-6610 1.2.1_20251110 Background Management openvpn_apply delete_file os command injection

Post correlati

CVE-2025-10011 | Portabilis i-Educar up to 2.10 edit ID sql injection

CVE-2023-28517 | IBM Sterling Partner Engagement Manager 6.1.2/6.2.0/6.2.2 Web UI cross site scripting (XFDB-250421)

CVE-2023-5953 | Welcart e-Commerce Plugin up to 2.9.4 on WordPress AJAX Action cross-site request forgery

CVE-2024-57771 | JFinalOA 1.0.2 common/getEditPage?view cross site scripting