CVE-2026-49185

Published: Giu 04, 2026 Last Modified: Giu 04, 2026

ExploitDB:

Other exploit source:

Google Dorks:

CRITICAL 10,0

Source: 8fc372e3-d9c5-46e4-9410-38469745c639

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec(), allowing command/instruction injection.

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Stable

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Integrity Availability Non-Repudiation

Potential Impacts:

Execute Unauthorized Code Or Commands Dos: Crash, Exit, Or Restart Read Files Or Directories Modify Files Or Directories Read Application Data Modify Application Data Hide Activities

Applicable Platforms

Technologies: Not Technology-Specific, AI/ML, Web Server

Likelihood of Exploit: High

View CWE Details

https://community.acer.com/en/kb/articles/19707

CVE-2026-49185

Description

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Common Consequences

Applicable Platforms

Iscriviti alla newsletter