CVE-2026-1791
Unrestricted File Upload in Hillstone Security Gateway Enables Web Shell
Publication date: 2026-02-04
Last updated on: 2026-02-04
Assigner: Hillstone Networks, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hillstone_networks | operation_and_maintenance_security_gateway | 5.5st00001b113 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-1791 is an arbitrary file upload vulnerability in the Hillstone Networks Operation and Maintenance Security Gateway. It occurs because the system does not properly validate or filter files uploaded by users.
An attacker with administrator privileges can exploit this vulnerability to upload malicious files, such as a web shell, to the affected system.
This issue affects version V5.5ST00001B113 of the product and has been assigned a low risk severity.
How can this vulnerability impact me? :
[{'type': 'paragraph', 'content': 'If exploited, this vulnerability allows an attacker with administrator privileges to upload arbitrary malicious files to the system.'}, {'type': 'paragraph', 'content': 'Such an attack could lead to the deployment of a web shell on the server, potentially enabling unauthorized remote control or further attacks.'}, {'type': 'paragraph', 'content': "The overall impact is limited by the requirement for administrator privileges and the vulnerability's low severity rating, but it still poses a risk to system availability and integrity."}] [1]
What immediate steps should I take to mitigate this vulnerability?
To mitigate the CVE-2026-1791 vulnerability, you should apply the official patch released by Hillstone Networks on 2025-11-05 for the affected product version V5.5ST00001B113.
If further assistance is needed, contact Hillstone technical support or professional service personnel.
Security issues can also be reported to Hillstoneβs PSIRT team via [email protected].
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows an attacker with administrator privileges to upload arbitrary malicious files, such as a web shell, to the affected system. This could potentially lead to unauthorized access or control over the system.
While the CVE description and resources do not explicitly mention specific impacts on compliance with standards like GDPR or HIPAA, the presence of such a vulnerability could increase the risk of data breaches or unauthorized access, which are critical concerns under these regulations.
Hillstone Networks emphasizes responsible disclosure and compliance with relevant laws and regulations to protect user interests, and has released a patch to mitigate the vulnerability.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know