216.73.216.133

CVE-2026-8914

· Published 05/06/2026 11:16 · Modified 05/06/2026 14:59

Labels: CVE-2026-8914 001d69cf-3fc9-4203-93fb-9865b54e05b22026-06-05CVE-2026-8914CWE-95

Essential information

Published
05/06/2026 11:16
Modified
05/06/2026 14:59
Author
Creator
CVSS
8.4 HIGH (v3) 8.4 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

In Teltonika Networks RUTOS devices, running versions 7.22 through 7.23.2 and TSWOS devices running versions 1.09 through 1.09.1, due to unsafe calls to an eval function in rpc-profile, a vulnerability exists where a lower privileged user could perform command injection as the root user.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
001d69cf-3fc9-4203-93fb-9865b54e05b2
NVD
View on NVD

Affected products (CPE)

ProductCPE
teltonika networks / rutos cpe:2.3:a:teltonika_networks:rutos:7.22-7.23.2:*:*:*:*:*:*:*
teltonika networks / tswos cpe:2.3:a:teltonika_networks:tswos:1.09-1.09.1:*:*:*:*:*:*:*

References