PT-2026-36707 · Av Stumpfl · Pixera Two Media Server

Trebledj

Published

2026-05-03

Updated

2026-05-03

CVE-2026-7703

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions AV Stumpfl Pixera Two Media Server versions prior to 25.2 R3

Description A flaw in the Websocket API component allows for remote code injection. This occurs through the manipulation of an unknown function within the API.

Recommendations Upgrade to version 25.2 R3.

Exploit

Fix

Code Injection

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94CWE-74

Related Identifiers

CVE-2026-7703

Affected Products

Pixera Two Media Server

PT-2026-36707 · Av Stumpfl · Pixera Two Media Server

CVE-2026-7703

Weakness Enumeration

Related Identifiers

Affected Products

References · 11