PT-2026-20508 · Unknown · Rongzhitong Visual Integrated Command/Dispatch Platform

Xxllyy

Publicado

2026-02-18

Atualizado

2026-02-19

CVE-2026-2669

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Name of the Vulnerable Software and Affected Versions Rongzhitong Visual Integrated Command and Dispatch Platform versions prior to 20260207

Description A security issue exists in Rongzhitong Visual Integrated Command and Dispatch Platform. Improper access controls can be triggered by manipulating the ID argument of a file, /dm/dispatch/user/delete, within the User Handler component. Remote exploitation is possible. The details of the affected function are unknown. The vulnerability has been publicly disclosed, and the vendor was notified but did not respond.

Recommendations Versions prior to 20260207 should be updated. As a temporary workaround, restrict access to the /dm/dispatch/user/delete file.

Exploit

Correção

Improper Access Control

Incorrect Privilege Assignment

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284CWE-266

Identificadores relacionados

CVE-2026-2669

Produtos afetados

Rongzhitong Visual Integrated Command/Dispatch Platform

PT-2026-20508 · Unknown · Rongzhitong Visual Integrated Command/Dispatch Platform

CVE-2026-2669

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9