CNNVD-202601-2104 Information

CNNVD ID

CNNVD-202601-2104

Related CVE

CVE-2022-50909

• CNNVD Published: 2026-01-13

Description (Chinese)

Algo 8028 Control Panel是Algo公司的一个门禁对讲系统的Web配置界面。 Algo 8028 Control Panel 3.3.3版本存在操作系统命令注入漏洞，该漏洞源于fm-data.lua端点存在命令注入，可能导致经过身份验证的攻击者执行任意命令。

Description (English)

Algo 8028 Control Panel is a Web-based interface for Algo’s closed-door delivery system. Algo 8028 Control Panel version 3.3.3 contains a loophole in the operating system orders, which originates from the presence of an order at the fm-data.lua endpoint, which may lead to the execution of an arbitrary order by an identified assailant.

Hazard Level

Medium

Vulnerability Type

操作系统命令注入

Affected Vendor

Algo

Published

2026-01-13

Last Modified

2026-02-24

References

https://www.algosolutions.com/ https://www.algosolutions.com/firmware-downloads/8028-firmware-selection/ https://www.exploit-db.com/exploits/50960 https://www.vulncheck.com/advisories/algo-control-panel-remote-code-execution-rce-authenticated