Command Injection Vulnerability in Managed Ethernet Switch by Vendor
CVE-2026-5416

8.7HIGH

Key Information:

Vendor: Turck
Status: Tben-ll-se-m2; Tben-l4-se-m2; Tben-l5-se-m2
Vendor: CVE Published:; 16 June 2026

What is CVE-2026-5416?

A command injection vulnerability exists in the Managed Ethernet Switch due to the improper neutralization of special elements in the name parameter. This flaw allows a low privileged remote attacker to execute arbitrary commands on the system, enabling the attacker to potentially compromise the entire system.

Affected Version(s)

TBEN-L4-SE-M2 0.0.0 <= 2.0.6.0

TBEN-L5-SE-M2 0.0.0 <= 2.0.6.0

TBEN-LL-SE-M2 0.0.0 <= 2.0.6.0

References

https://certvde.com/de/advisories/VDE-2026-038

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 16, 2026
Vulnerability Reserved
Apr 2, 2026

CVE-2026-5416 Data

JSON

Turck

What is CVE-2026-5416?

Affected Version(s)

References

CVSS V4

Timeline