CVE-2026-23759
Received - Intake
Authenticated OS Command Injection in Perle IOLAN Terminal Servers

Publication date: 2026-03-17

Last updated on: 2026-03-17

Assigner: VulnCheck

Description
Perle IOLAN STS/SCS terminal server models with firmware versions prior to 6.0 allow authenticated OS command injection via the restricted shell accessed over Telnet or SSH. The shell 'ps' command does not perform proper argument sanitization and passes user-supplied parameters into an 'sh -c' invocation running as root. An authenticated attacker who can log in to the device can inject shell metacharacters after the 'ps' subcommand to execute arbitrary OS commands with root privileges, leading to full compromise of the underlying operating system.
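
The flaw class described above (CWE-78), shown as an added example that is not Perle's firmware code: the unsafe form pastes user text into a string that a root shell would parse, while the hardened form validates each token against an allowlist and builds an argv array for a shell-free exec. The function names, the allowlist rule and the /bin/ps path are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAX_PS_ARGS 8

/* Unsafe pattern, built as a string only and never executed here:
 * whatever the user typed ends up inside the text handed to 'sh -c'. */
int build_unsafe_cmdline(const char *user_args, char *out, size_t outlen) {
    return snprintf(out, outlen, "ps %s", user_args);
}

/* Deliberately strict allowlist (assumed rule): an optional leading '-'
 * followed by one or more letters or digits, e.g. "-ef" or a PID. */
static int token_ok(const char *t) {
    size_t i = (t[0] == '-') ? 1 : 0;
    if (t[i] == '\0')
        return 0;                          /* empty token or bare "-" */
    for (; t[i] != '\0'; i++)
        if (!isalnum((unsigned char)t[i]))
            return 0;                      /* ; & | $ ` ( ) < > quotes ... */
    return 1;
}

/* Hardened pattern: split on whitespace, validate every token, fill argv.
 * Returns argc, or -1 if any token is rejected or there are too many.
 * The caller would pass argv to execv("/bin/ps", argv) (path assumed),
 * so no shell ever interprets the arguments. Modifies user_args. */
int build_ps_argv(char *user_args, char *argv[], int max) {
    static char ps_name[] = "ps";
    int argc = 0;
    argv[argc++] = ps_name;
    for (char *t = strtok(user_args, " \t"); t; t = strtok(NULL, " \t")) {
        if (argc >= max - 1 || !token_ok(t))
            return -1;
        argv[argc++] = t;
    }
    argv[argc] = NULL;
    return argc;
}

int main(void) {
    char ok[] = "-ef", bad[] = "; id";     /* constructed sample inputs */
    char *argv[MAX_PS_ARGS];
    printf("accepted argc=%d\n", build_ps_argv(ok, argv, MAX_PS_ARGS));
    printf("rejected rc=%d\n", build_ps_argv(bad, argv, MAX_PS_ARGS));
    return 0;
}
```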
Meta Information
Published: 2026-03-17
Last Modified: 2026-03-17
Generated: 2026-05-07
AI Q&A: 2026-03-17
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor    Product      Version / Range
perle     iolan        up to 6.0 (exclusive)
perle     iolan_sts    up to 6.0 (exclusive)
perle     iolan_scs    up to 6.0 (exclusive)
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-23759 affects Perle IOLAN STS and SCS terminal server models with firmware versions prior to 6.0. It is an authenticated OS command injection vulnerability occurring in the restricted shell accessed via Telnet or SSH.

The vulnerability arises because the 'ps' command in the shell does not properly sanitize user-supplied arguments and passes them directly into an 'sh -c' invocation running as root.

An authenticated attacker who can log into the device can inject shell metacharacters after the 'ps' subcommand to execute arbitrary OS commands with root privileges, leading to full compromise of the underlying operating system. [1]


How can this vulnerability impact me?

This vulnerability allows an authenticated attacker to execute arbitrary OS commands with root privileges on the affected device.

As a result, the attacker can fully compromise the underlying operating system, impacting confidentiality, integrity, and availability of the device.

Such a compromise could lead to unauthorized access to sensitive data, disruption of services, and potential use of the device as a foothold for further attacks within the network.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by verifying if your Perle IOLAN STS or SCS terminal server is running a firmware version prior to 6.0, as these versions are affected.

Since the vulnerability involves an authenticated OS command injection via the restricted shell's 'ps' command over Telnet or SSH, detection can involve attempting to log in to the device and testing the 'ps' command for improper argument sanitization.

A practical detection approach is to connect to the device via SSH or Telnet and run the 'ps' command with shell metacharacters appended to see if arbitrary commands execute with root privileges.

- Use SSH or Telnet to log into the device.
- Run a command like: ps; id or ps && id to check if shell metacharacters are executed.
- If the output includes results of the injected command (e.g., user id information), the device is vulnerable.

[1]


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to upgrade the firmware of the affected Perle IOLAN STS or SCS terminal servers to version 6.0 or later, where this vulnerability is fixed.

Until the upgrade can be applied, restrict access to the Telnet and SSH interfaces to trusted users only, as the vulnerability requires authenticated access.

Additionally, monitor and audit login attempts and command usage on the device to detect any suspicious activity.

