Authentication Bypass Vulnerability in Web Server on Port 8090
CVE-2026-22096

9.3CRITICAL

Key Information:

Vendor

Evbee

Status
Vendor
CVE Published:
13 July 2026

What is CVE-2026-22096?

The web server operating on port 8090 is vulnerable to an authentication bypass, enabling unauthorized access without initiating a login process. This issue leads to potential sensitive information exposure, allowing attackers to view configured passwords and upload files through various endpoints. Organizations should take immediate action to secure the web server and prevent unauthorized access.

Affected Version(s)

DC-80 0 < 1.5.1

References

CVSS V4

Score:
9.3
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Wilco van Beijnum (ElaadNL)
Jeroen van der Ham-de Vos (DIVD)
.