CVE-2026-4221 in Easy7 Integrated Management Platforminfo

Summary

by MITRE • 03/16/2026

A vulnerability was found in Tiandy Easy7 Integrated Management Platform 7.17.0. This affects an unknown part of the file /rest/file/uploadLedImage of the component Endpoint. The manipulation of the argument File results in unrestricted upload. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsible

VulDB

Disclosure

03/16/2026

Moderation

accepted

Entry

VDB-351145

CPE

ready

CWE

CWE-434 (confirmed)

Exploit

Download

CVSS

7.3 (VulDB)

EPSS

0.00057

KEV

Activities

very low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-4221
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-4221
CVE Details	https://www.cvedetails.com/cve/CVE-2026-4221/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!