CVE-2026-8233

Published: Mag 10, 2026 Last Modified: Mag 10, 2026
ExploitDB:
Other exploit source:
Google Dorks:
LOW 2,1
Source: [email protected]
Attack Vector: adjacent
Attack Complexity: high
Privileges Required: low
User Interaction: none
Confidentiality: N/A
Integrity: N/A
Availability: N/A
MEDIUM 4,6
Source: [email protected]
Attack Vector: adjacent_network
Attack Complexity: high
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: low
Integrity: low
Availability: low
MEDIUM 4,0
Source: [email protected]
Access Vector: adjacent_network
Access Complexity: high
Authentication: single
Confidentiality: partial
Integrity: partial
Availability: partial

Description

AI Translation Available

A vulnerability was determined in Dotouch XproUPF 2.0.0-release-088aa7c4. Affected is an unknown function of the component UPF. This manipulation causes improper access controls. A high degree of complexity is needed for the attack. The exploitability is told to be difficult. The vendor was contacted early about this disclosure.

266

Incorrect Privilege Assignment

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Access Control
Potential Impacts:
Gain Privileges Or Assume Identity
Applicable Platforms
All platforms may be affected
View CWE Details
284

Improper Access Control

Incomplete
Abstraction: Pillar Structure: Simple
Common Consequences
Security Scopes Affected:
Other
Potential Impacts:
Varies By Context
Applicable Platforms
Technologies: ICS/OT, Not Technology-Specific, Web Based
View CWE Details
https://vuldb.com/submit/808799
https://vuldb.com/submit/808799
https://vuldb.com/vuln/362450
https://vuldb.com/vuln/362450
https://vuldb.com/vuln/362450/cti
https://vuldb.com/vuln/362450/cti