Improper Access Control in Pardus-Parental-Control by TUBITAK BILGEM
CVE-2026-9085

8.8HIGH

What is CVE-2026-9085?

An improper access control vulnerability in the Pardus-Parental-Control product by TUBITAK BILGEM enables DNS spoofing, potentially exposing users to various security threats. Specifically, versions prior to 0.7.0, including 0.5.1 and earlier, are susceptible to this flaw. This vulnerability arises from incorrect permission assignments for critical resources, allowing unauthorized access that could compromise the integrity of DNS settings. It is crucial for users of affected versions to promptly upgrade to safeguard against potential attacks.

Affected Version(s)

Pardus-Parental-Control <=0.5.1 < 0.7.0

References

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Mehmet DEMİR
.