CVE-2026-26461 PUBLISHED

Assigner: mitre
Reserved: 16.02.2026 Published: 01.05.2026 Updated: 01.05.2026

A Command Injection vulnerability in the web management interface in Aver PTC320UV2 0.1.0000.65 allows an unauthenticated attacker to execute arbitrary commands via a crafted web request.

Product Status

Vendor	n/a
Product	n/a
Versions	Version n/a is affected

References

https://www.aver.com/Downloads/search?q=PTC320UV2
https://github.com/spaceraccoon/disclosures/blob/main/2026/CVE-2026-26461.md

Problem Types

n/a text