PT-2026-6060 · Ziroom · Ziroom Zhome A0101
Allanp0E
+1
·
Publicado
2026-02-03
·
Atualizado
2026-02-03
·
CVE-2026-1802
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Ziroom ZHOME A0101 version 1.0.1.0
Description
A security flaw exists in Ziroom ZHOME A0101. The issue is due to command injection resulting from the manipulation of the
macType argument within the macAddrClone function located in the lucicontrollerapizrMacClone.lua file. This allows for remote attacks. The exploit has been publicly released. The vendor was notified but did not respond.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Special Elements Injection
Command Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Ziroom Zhome A0101