ГлавнаяУязвимости → CVE-2026-32968
9.8критическая

CVE-2026-32968

Описание

Due to the improper neutralisation of special elements used in an OS command, an unauthenticated remote attacker can exploit an RCE vulnerability in the com_mb24sysapi module, resulting in full system compromise. This vulnerability is a variant attack for CVE-2020-10383.

CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://certvde.com/de/advisories/VDE-2026-024https://certvde.com/de/advisories/VDE-2026-025