Vulnerabilities

CVE-2026-25195

by Fred · 27/02/2026

An OS command injection

vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
supplying a crafted firmware update file via the firmware update route.

More information : https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-057-10.json

Similar

Tags: Cybersecurity Alert