CVE-2026-4287 in Easy7 Integrated Management PlatformИнформация

Сводка

по MITRE • 17.03.2026

A security flaw has been discovered in Tiandy Easy7 Integrated Management Platform 7.17.0. The affected element is an unknown function of the file /rest/devStatus/queryResources of the component Endpoint. Performing a manipulation of the argument areaId results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

VulDB

Раскрытие

17.03.2026

Модерация

принято

Вход

VDB-351292

CPE

готов

CWE

CWE-89 (Подтверждённый)

Эксплойт

Скачать

CVSS

7.3 (CNA)

EPSS

0.00042

KEV

Нет

Деятельности

Очень низкий

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-4287
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-4287
CVE Details	https://www.cvedetails.com/cve/CVE-2026-4287/

◂ Предыдущий Обзор Далее ▸

Do you need the next level of professionalism?

Upgrade your account now!