CVE-2026-8233
Improper Access Control in Dotouch XproUPF
Publication date: 2026-05-10
Last updated on: 2026-05-10
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dotouch | xproupf | 2.0.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
| CWE-266 | A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Dotouch XproUPF version 2.0.0-release-088aa7c4, specifically in an unknown function of the UPF component. It causes improper access controls, meaning that the system does not correctly restrict access to certain functions or data. Exploiting this vulnerability requires a high degree of complexity and is considered difficult.
How can this vulnerability impact me? :
The vulnerability can lead to improper access controls, which may allow unauthorized users with limited privileges to access or manipulate data or functions they should not have access to. However, the attack complexity is high and exploitability is difficult, which reduces the likelihood of successful exploitation.