CVE-2026-9297 | ReQuest these 1.10 POST Request /goform/formWlbasic repeaterSSID command injection

Inserito da Angelo Barbosa | Mag 22, 2026 | CVE

A vulnerability marked as critical has been reported in ReQuest these 1.10. Affected is the function formWlbasic of the file /goform/formWlbasic of the component POST Request Handler. The manipulation of the argument repeaterSSID leads to command injection.

This vulnerability is listed as CVE-2026-9297. The attack may be initiated remotely. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-9297 | ReQuest these 1.10 POST Request /goform/formWlbasic repeaterSSID command injection

Post correlati

CVE-2024-11238 | Landray EKP up to 16.0 sysUiComponent.do?method=delPreviewFile directoryPath path traversal

CVE-2024-41089 | Linux Kernel up to 6.9.7 nv17_tv_get_hd_modes null pointer dereference

CVE-2025-1543 | iteachyou Dreamer CMS 4.1.3 ueditor-1.4.3.3 path traversal

CVE-2024-35280 | Fortinet FortiDeceptor up to 5.3.0 cross site scripting (FG-IR-24-010)