Command Injection Vulnerability in Web Server Network Diagnosis Endpoint
CVE-2026-22095
9.3CRITICAL
What is CVE-2026-22095?
A command injection vulnerability exists in the network diagnosis endpoint on web servers operating on port 8090. This flaw allows attackers to execute arbitrary commands on the server, potentially compromising the entire system. Security measures are essential to prevent unauthorized access and safeguard sensitive data.
Affected Version(s)
DC-80 0 < 1.5.1
References
CVSS V4
Score:
9.3
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Wilco van Beijnum (ElaadNL)
Jeroen van der Ham-de Vos (DIVD)
