CVE-2026-5842

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions decolua 9router versions up to 0.3.47

Description A security issue exists in decolua 9router that allows an attacker to bypass authorization. The vulnerability is located in an unknown function within the /api of the Administrative API Endpoint component. This can be exploited remotely. The exploit has been publicly disclosed.

Recommendations Upgrade to version 0.3.75 to resolve this issue.

Exploit

Fix

IDOR

Improper Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-639CWE-285

Related Identifiers

CVE-2026-5842

GHSA-XRRH-P7F2-27VM

Affected Products

Decolua 9Router

CVE-2026-5842

Weakness Enumeration

Related Identifiers

Affected Products

References · 12