PT-2026-2767 · Adobe · Dreamweaver Desktop

Jann Horn

·

Publicado

2026-01-13

·

Atualizado

2026-01-13

·

CVE-2026-21267

CVSS v3.1

8.6

Alta

VetorAV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Dreamweaver Desktop versions 21.6 and earlier
Description Dreamweaver Desktop versions 21.6 and earlier are susceptible to an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') issue. Successful exploitation of this issue could allow an attacker to execute arbitrary code. Exploitation requires user interaction, specifically a victim opening a malicious file. The scope of the issue is changed after exploitation.
Recommendations Update Dreamweaver Desktop to a version later than 21.6.

Correção

OS Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-78

Identificadores relacionados

BDU:2026-00729
CVE-2026-21267

Produtos afetados

Dreamweaver Desktop