Potential RCE

1 CVEs technique

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-5842 MEDIUM POC PATCH This Month

Remote authorization bypass in decolua 9router up to version 0.3.47 allows unauthenticated network attackers to access the Administrative API Endpoint (/api) without proper credentials, potentially exposing sensitive functionality. The vulnerability has publicly available exploit code and vendor-released patch version 0.3.75 is available, reducing real-world risk for patched deployments but creating urgency for unpatched instances given active public disclosures.

Authentication Bypass Potential RCE 9Router

NVD VulDB GitHub

CVSS 4.0

6.9

EPSS

0.0%

CVE-2026-5842

EPSS 0% CVSS 6.9

MEDIUM POC PATCH This Month

Remote authorization bypass in decolua 9router up to version 0.3.47 allows unauthenticated network attackers to access the Administrative API Endpoint (/api) without proper credentials, potentially exposing sensitive functionality. The vulnerability has publicly available exploit code and vendor-released patch version 0.3.75 is available, reducing real-world risk for patched deployments but creating urgency for unpatched instances given active public disclosures.

Authentication Bypass Potential RCE 9Router

NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy