CVE-2026-0774
HIGHCVSS Vector
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2Tags
Description
WatchYourLAN Configuration Page Argument Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of WatchYourLAN. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the arpstrs parameter. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-26708.
Analysis
WatchYourLAN's configuration page is vulnerable to argument injection through improper validation of the arpstrs parameter, enabling unauthenticated network-adjacent attackers to execute arbitrary code with service account privileges. The vulnerability stems from insufficient input sanitization before system command execution and currently lacks an available patch. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all WatchYourLAN instances in your environment and isolate them from untrusted network segments. Within 7 days: Disable WatchYourLAN's web configuration interface or restrict access to trusted administrative networks only; implement network segmentation to limit exposure. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today