CVE-2026-56808
Received Received - Intake

OS Command Injection in AVTECH DGM3103SCT

Publication date: 2026-06-30

Last updated on: 2026-06-30

Assigner: JPCERT/CC

Description
DGM3103SCT provided by AVTECH Security Corporation contains an OS command injection vulnerability, which may lead to arbitrary command execution with the root privilege by a user who can log in to the web management console of the affected product.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-30
Last Modified
2026-06-30
Generated
2026-06-30
AI Q&A
2026-06-30
EPSS Evaluated
N/A
NVD
CVE-2026-56808
EUVD
EUVD-2026-40265

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
avtech_security_corporation dgm3103sct to 3.2.5.4 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

The DGM3103SCT device by AVTECH Security Corporation contains an OS command injection vulnerability (CWE-78). This vulnerability allows a user who can log in to the web management console to execute arbitrary operating system commands with root privileges.

This means that an authenticated user with access to the device's web interface can run any command on the underlying system, potentially taking full control of the device.

Impact Analysis

This vulnerability can have a severe impact because it allows an authenticated user to execute arbitrary commands with root privileges on the affected device.

  • Complete takeover of the device by an attacker.
  • Potential disruption of device functionality or network operations.
  • Exposure of sensitive data stored or processed by the device.
  • Use of the compromised device as a foothold for further attacks within the network.
Mitigation Strategies

To mitigate this vulnerability, the vendor recommends updating the firmware of the DGM3103SCT device to the latest version.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-56808. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart