CNNVD-202602-1906 Information

CNNVD ID

CNNVD-202602-1906

Related CVE

CVE-2026-24789

• CNNVD Published: 2026-02-11

Description (Chinese)

ZLAN5143D是中国卓岚（ZLAN）公司的一个串口服务器。 ZLAN5143D存在访问控制错误漏洞，该漏洞源于API端点未受保护，可能导致攻击者远程更改设备密码而无需提供身份验证。

Description (English)

ZLAN 5143D is a serial server for Zron, China. ZLAN5143D has an access control error loophole, which stems from the fact that the API endpoint is not protected and may result in a remote change of the device password by the assailant without having to provide identification.

Vulnerability Type

访问控制错误

Affected Vendor

卓岚

Published

2026-02-11

Last Modified

2026-02-24

References

https://www.zlmcu.com/en/contact_us.htm https://www.cisa.gov/news-events/ics-advisories/icsa-26-041-02 https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-041-02.json https://access.redhat.com/security/cve/cve-2026-24789