Skip to main content

Iolan Sts

1 CVEs product

Monthly

CVE-2026-23759 HIGH PATCH This Week

Authenticated attackers can execute arbitrary commands as root on Perle IOLAN STS and SCS terminal servers (firmware <6.0) by injecting shell metacharacters through the restricted shell's 'ps' command. This command injection flaw (CWE-78) allows full operating system compromise after gaining access via Telnet or SSH. VulnCheck reported this vulnerability with vendor patch now available in firmware 6.0. EPSS score of 0.14% (34th percentile) indicates low predicted exploitation probability, and no active exploitation or public POC has been identified at time of analysis.

Command Injection Iolan Sts Iolan Scs
NVD VulDB
CVSS 4.0
8.6
EPSS
0.1%
EPSS 0% CVSS 8.6
HIGH PATCH This Week

Authenticated attackers can execute arbitrary commands as root on Perle IOLAN STS and SCS terminal servers (firmware <6.0) by injecting shell metacharacters through the restricted shell's 'ps' command. This command injection flaw (CWE-78) allows full operating system compromise after gaining access via Telnet or SSH. VulnCheck reported this vulnerability with vendor patch now available in firmware 6.0. EPSS score of 0.14% (34th percentile) indicates low predicted exploitation probability, and no active exploitation or public POC has been identified at time of analysis.

Command Injection Iolan Sts Iolan Scs
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy