CVE-2026-22905
EUVD-2026-692709.02.2026, 08:16
An unauthenticated remote attacker can bypass authentication by exploiting insufficient URI validation and using path traversal sequences (e.g., /js/../cgi-bin/post.cgi), gaining unauthorized access to protected CGI endpoints and configuration downloads.
Awaiting analysis
This vulnerability is currently awaiting analysis.