Skip to main content

SkyBridge MB-A100 CVE-2026-50043

| EUVDEUVD-2026-40929 HIGH
OS Command Injection (CWE-78)
2026-07-01 jpcert GHSA-5g5j-j2fm-vcpf
8.6
CVSS 4.0 · Vendor: jpcert
Share

Severity by source

Vendor (jpcert) PRIMARY
8.6 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
7.2 HIGH

Network-reachable admin interface (AV:N/AC:L) but requires an administrative account (PR:H); command execution grants full OS control, so C/I/A all High with scope unchanged.

3.1 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (jpcert).

CVSS VectorVendor: jpcert

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
Jul 01, 2026 - 08:32 vuln.today
CVSS changed
Jul 01, 2026 - 08:22 NVD
7.2 (HIGH) 8.6 (HIGH)

DescriptionCVE.org

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in SkyBridge MB-A100/MB-A110. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who can log in to the product with an administrative privilege.

AnalysisAI

Authenticated OS command injection in Seiko Solutions SkyBridge MB-A100 and MB-A110 industrial LTE gateways allows an attacker who is already logged in with administrative privileges to execute arbitrary operating-system commands on the device. The CVSS 4.0 base score is 8.6 (High), reflecting full confidentiality, integrity, and availability impact once admin access is obtained, though the PR:H requirement confines exposure to authenticated administrators. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Reach device admin interface over network
Delivery
Authenticate with administrative credentials
Exploit
Inject shell metacharacters into config field
Execution
Bypass improper command neutralization (CWE-78)
Persist
Execute arbitrary OS commands on device
Impact
Full device compromise and network pivot

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to first log in to the product with an administrative-privilege account (CVSS PR:H) - this is the exact prerequisite stated in the advisory. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N) describes a network-reachable, low-complexity attack that nonetheless requires high privileges (PR:H) - the attacker must already hold an administrative account on the device. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker obtains SkyBridge administrative credentials - through default or reused passwords, phishing, or insider access - and logs into the device's management interface over the network. Within an administrative configuration field or command that feeds into a system shell, they inject shell metacharacters plus appended commands, causing the device to execute arbitrary OS commands with management-process privileges, enabling persistence, traffic interception, or pivoting into the connected network. …
Remediation Apply the corrected firmware provided by Seiko Solutions; the specific patched version is not enumerated in the available data and must be obtained from the vendor advisory at https://www.seiko-sol.co.jp/archives/94618/ and the JVN entry https://jvn.jp/en/jp/JVN20721579/ (patch available per vendor advisory; released patched version not independently confirmed here). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all deployed SkyBridge MB-A100 and MB-A110 units in your environment and audit administrative access logs for suspicious activity. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-50043 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy