Linux
CVE-2026-1791
LOW
Severity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Lifecycle Timeline
2DescriptionCVE.org
Unrestricted Upload of File with Dangerous Type vulnerability in Hillstone Networks Operation and Maintenance Security Gateway on Linux allows Upload a Web Shell to a Web Server.This issue affects Operation and Maintenance Security Gateway: V5.5ST00001B113.
AnalysisAI
Hillstone Networks Operation and Maintenance Security Gateway on Linux is affected by unrestricted upload of file with dangerous type (CVSS 2.7).
Technical ContextAI
This vulnerability (CWE-434: Unrestricted Upload of File with Dangerous Type) affects Hillstone Networks Operation and Maintenance Security Gateway on Linux. Unrestricted Upload of File with Dangerous Type vulnerability in Hillstone Networks Operation and Maintenance Security Gateway on Linux allows Upload a Web Shell to a Web Server.This issue affects Operation and Maintenance Security Gateway: V5.5ST00001B113.
Affected ProductsAI
Product: Hillstone Networks Operation and Maintenance Security Gateway on Linux.
RemediationAI
Monitor vendor advisories for a patch. Validate file types by content. Store uploads outside web root. Restrict network access to the affected service where possible.
Share
External POC / Exploit Code
Leaving vuln.today