EUVD-2026-14278
GHSA-8h86-g282-cx65
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
4Tags
Description
A vulnerability was found in Acrel Environmental Monitoring Cloud Platform 1.1.0. This issue affects some unknown processing. Performing a manipulation results in unrestricted upload. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Analysis
An unrestricted file upload vulnerability exists in Acrel Environmental Monitoring Cloud Platform version 1.1.0, allowing unauthenticated remote attackers to upload arbitrary files to the system. The vendor was notified but did not respond, and a public proof-of-concept exploit is available on GitHub. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Inventory all systems running Acrel v1.1.0 and isolate them from critical networks if possible; enable logging on upload endpoints. Within 7 days: Deploy WAF rules to block suspicious file uploads and implement IP-based access restrictions to the platform; contact Acrel for patch status and timeline. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today