Improper Input Validation in Gmission Web Fax Product
CVE-2026-9157

8.6HIGH

Key Information:

Vendor: Gmission
Status: Web Fax
Vendor: CVE Published:; 21 May 2026

What is CVE-2026-9157?

A vulnerability in Gmission Web Fax allows for improper input validation, enabling an unrestricted upload of potentially dangerous file types. This can lead to remote code execution, posing significant security risks for users. The affected versions are those prior to 3.1, making it crucial for administrators to upgrade their systems to mitigate potential threats.

Affected Version(s)

Web Fax 3.0 < 3.1

References

https://www.gmission.co.kr/fax1

CVSS V4

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 21, 2026
Vulnerability Reserved
May 21, 2026

Credit

sh4n3e(이상현, Lee Sanghyeon)

CVE-2026-9157 Data

JSON