CVE-2026-22323

Name of the Vulnerable Software and Affected Versions Versions prior to patchday 2026-05 (affected versions not specified)

Description A Cross-Site Request Forgery (CSRF) issue exists in the Link Aggregation configuration interface. An unauthenticated remote attacker can deceive authenticated users into submitting unauthorized POST requests to the device. This manipulation can silently modify the device’s configuration without the user’s awareness or permission. The impact on availability is considered low, as the device automatically recovers after a successful attack without requiring external intervention.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.