← voltar
CVE-2026-1358

Airleader Master Unrestricted Upload of File with Dangerous Type

CVSS 9.3 CRITICALEPSS 1.2%CWE-434
Airleader Master versions 6.381 and prior allow for file uploads without restriction to multiple webpages running maximum privileges. This could allow an unauthenticated user to potentially obtain remote code execution on the server.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
Airleader GmbH · Airleader Master

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://airleader.us/contact/https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-043-10.jsonhttps://www.cisa.gov/news-events/ics-advisories/icsa-26-043-10https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2025-044.txt