PT-2026-20544 · Googtech · Sms-Ssm

Jszdk

Published

2026-02-18

Updated

2026-02-19

CVE-2026-2676

CVSS v2.0

6.5

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions GoogTech sms-ssm versions prior to e8534c766fd13f5f94c01dab475d75f286918a8d

Description A weakness exists due to improper authorization. This issue is related to the preHandle function within the LoginInterceptor.java file of the API Interface component. The attack can be performed remotely. The exploit has been made publicly available.

Recommendations Update to a version prior to e8534c766fd13f5f94c01dab475d75f286918a8d.

Exploit

Fix

Improper Authorization

Incorrect Privilege Assignment

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-285CWE-266

Related Identifiers

CVE-2026-2676

Affected Products

Sms-Ssm

PT-2026-20544 · Googtech · Sms-Ssm

CVE-2026-2676

Weakness Enumeration

Related Identifiers

Affected Products

References · 10