CVE-2026-3587

Published: Mar 23, 2026 Last Modified: Mar 23, 2026

ExploitDB:

Other exploit source:

Google Dorks:

CRITICAL 10,0

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: changed

Confidentiality: high

Integrity: high

Availability: high

Description

AI Translation Available

An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface and gain root access to the underlying Linux based OS, leading to full compromise of the device.

912

Hidden Functionality

Incomplete

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Other Integrity

Potential Impacts:

Varies By Context Alter Execution Logic

Applicable Platforms

Technologies: Not Technology-Specific, ICS/OT

View CWE Details

https://certvde.com/de/advisories/VDE-2026-020

CVE-2026-3587

Description

Hidden Functionality

Common Consequences

Applicable Platforms

Iscriviti alla newsletter