CVE-2026-22317 Linux — Exploit & Vulnerability Details HIGH

CVE-2026-22317

HIGH CVSS 3.1: 7.2 EPSS 0.03%

Parameter	Value
CVSS	7.2 (HIGH)
Type	CWE-77 (Command Injection)
Vendor	Linux
Public PoC	No

A command injection vulnerability in the device’s Root CA certificate transfer workflow allows a high-privileged attacker to send crafted HTTP POST requests that result in arbitrary command execution on the underlying Linux OS with root privileges.

Attack Parameters

Attack Vector

Network

Can be exploited remotely

Attack Complexity

Low

Easy to exploit

Privileges Required

High

Admin privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

High

Complete data leak

Integrity

High

Complete data modification

Availability

High

Complete denial of service

CVSS Vector v3.1

Weakness Type (CWE)

CWE-77 Command Injection

References 1

https://certvde.com/de/advisories/VDE-2025-104

info@cert.vde.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-40253

Linux

6.8

CVE-2026-41035

Linux

7.4

CVE-2026-40245

Linux

7.5

CVE-2026-6328

Linux

8.3

CVE-2026-39418

Linux

5.0

Menu

CVE-2026-22317

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-40253

CVE-2026-41035

CVE-2026-40245

CVE-2026-6328

CVE-2026-39418

CVE Details

Editor's Choice

Menu

CVE-2026-22317

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-40253

CVE-2026-41035

CVE-2026-40245

CVE-2026-6328

CVE-2026-39418

CVE Details

Editor's Choice

Stay informed on cybersecurity