โ† Back to Dashboard

CVE-2026-36829

CRITICAL NVD
CVSS Score
9.8
Severity
CRITICAL
Source
NVD
Published
May 19, 2026
Description

An authentication bypass vulnerability exists in the embedded HTTP server of Panabit PAP-XM320 up to and including v7.7. The server validates session cookies using a filesystem existence check based on a user-controlled cookie value without proper sanitization, allowing directory traversal and bypass of authentication.

View Full Details โ† Back