QSearchQSearch

CVE-2026-8914

In Teltonika Networks RUTOS devices, running versions 7.22 through 7.23.2 and TSWOS devices running versions 1.09 through 1.09.1, due to ...

Published: 2026-06-05 · Last updated: 2026-06-05

Severity and scoring

CWE
CWE-95

Description

In Teltonika Networks RUTOS devices, running versions 7.22 through 7.23.2 and TSWOS devices running versions 1.09 through 1.09.1, due to unsafe calls to an eval function in rpc-profile, a vulnerability exists where a lower privileged user could perform command injection as the root user.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-52858 Vim is an open source, command line text editor
  • CVE-2026-47167 Vim is an open source, command line text editor
  • CVE-2026-11422 Markdown Preview Enhanced 0.8.x with crossnote engine 0.9.28 contains a code injection vulnerability in the WaveDrom rendering pipeline t... (7.1 HIGH)
  • CVE-2026-50733 Markdown Preview Enhanced before 0.8.28 parses WaveDrom diagrams by evaluating untrusted markdown content with eval(), allowing arbitrary... (8.8 HIGH)
  • CVE-2026-48962 IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob (7.3 HIGH)