CVE-2025-26320 | t0mer BroadlinkManager 5.9.1 /device/ping IP Address os command injection

Posted by Angelo Barbosa | Mar 4, 2025 | CVE

A vulnerability was found in t0mer BroadlinkManager 5.9.1. It has been classified as critical. Affected is an unknown function of the file /device/ping. The manipulation of the argument IP Address leads to os command injection.

This vulnerability is traded as CVE-2025-26320. The attack needs to be initiated within the local network. There is no exploit available.

CVE-2025-26320 | t0mer BroadlinkManager 5.9.1 /device/ping IP Address os command injection

Related Posts

CVE-2024-38582 | Linux Kernel up to 6.9.2 nilfs2 nilfs_detach_log_writer deadlock

CVE-2024-9024 | Material Design Icons Plugin up to 0.0.5 on WordPress Shortcode mdi-icon cross site scripting

CVE-2024-51247 | Draytek Vigor 3900 1.5.1.3 mainfunction.cgi doPPPo command injection

CVE-2024-8586 | Uniong WebITR up to 2_1_0_27 URL redirect