PT-2026-28220 · Unknown · Dameng100 Muucmf

Thinhnee

Published

2026-03-26

Updated

2026-03-26

CVE-2026-4847

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions dameng100 muucmf version 1.9.5.20260309

Description A cross site scripting issue exists due to manipulation of the Name argument. The issue is located in an unknown function within the file '/admin/config/list.html'. The attack can be initiated remotely. The exploit has been publicly released. The vendor was contacted but did not respond.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79CWE-94

Related Identifiers

CVE-2026-4847

Affected Products

Dameng100 Muucmf

PT-2026-28220 · Unknown · Dameng100 Muucmf

CVE-2026-4847

Weakness Enumeration

Related Identifiers

Affected Products

References · 5