PT-2026-20508 · Unknown · Rongzhitong Visual Integrated Command/Dispatch Platform

Xxllyy

Published

2026-02-18

Updated

2026-02-19

CVE-2026-2669

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Name of the Vulnerable Software and Affected Versions Rongzhitong Visual Integrated Command and Dispatch Platform versions prior to 20260207

Description A security issue exists in Rongzhitong Visual Integrated Command and Dispatch Platform. Improper access controls can be triggered by manipulating the ID argument of a file, /dm/dispatch/user/delete, within the User Handler component. Remote exploitation is possible. The details of the affected function are unknown. The vulnerability has been publicly disclosed, and the vendor was notified but did not respond.

Recommendations Versions prior to 20260207 should be updated. As a temporary workaround, restrict access to the /dm/dispatch/user/delete file.

Exploit

Fix

Improper Access Control

Incorrect Privilege Assignment

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-266

Related Identifiers

CVE-2026-2669

Affected Products

Rongzhitong Visual Integrated Command/Dispatch Platform

CVE-2026-2669

Weakness Enumeration

Related Identifiers

Affected Products

References · 9