CVE-2026-4537

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-4537
A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function action_ipsec_conn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. Upgrading the affected component is advised. The vendor explains, that "some other customer has reported this to us before. And we have fixed this."

4.7 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 3.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

5.8 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:M/C:P/I:P/A:P

Exploitability : 6.4 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication MULTIPLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://github.com/qazmn/my_cve/blob/main/cudy_cve/Cudy_TR1200_Command_Injection.md
https://vuldb.com/submit/774447
https://vuldb.com/vuln/352325
https://vuldb.com/vuln/352325/cti
Configurations

No configuration.

History

29 Apr 2026, 07:16

Type Values Removed Values Added
Summary (en) A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function action_ipsec_conn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. (en) A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function action_ipsec_conn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. Upgrading the affected component is advised. The vendor explains, that "some other customer has reported this to us before. And we have fixed this."
References
  • {'url': 'https://vuldb.com/?ctiid.352325', 'source': 'cna@vuldb.com'}
  • {'url': 'https://vuldb.com/?id.352325', 'source': 'cna@vuldb.com'}
  • {'url': 'https://vuldb.com/?submit.774447', 'source': 'cna@vuldb.com'}
  • () https://vuldb.com/submit/774447 -
  • () https://vuldb.com/vuln/352325 -
  • () https://vuldb.com/vuln/352325/cti -

24 Apr 2026, 16:32

Type Values Removed Values Added
Summary
  • (es) Se determinó una vulnerabilidad en Cudy TR1200 R46-2.4.15-20250721-164017. Se ve afectada la función action_ipsec_conn del archivo /usr/bin/lib/lua/luci/controller/ipsec.lua. La ejecución de una manipulación puede llevar a una inyección de comandos. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado públicamente y puede ser utilizado. El proveedor fue contactado tempranamente sobre esta divulgación, pero no respondió de ninguna manera.

22 Mar 2026, 05:16

Type Values Removed Values Added
New CVE
Information

Published : 2026-03-22 05:16

Updated : 2026-04-29 07:16

NVD link : CVE-2026-4537

Mitre link : CVE-2026-4537

CVE.ORG link : CVE-2026-4537

JSON object : View

Products Affected

No product.

CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')