Description
A vulnerability was determined in Dotouch XproUPF 2.0.0-release-088aa7c4. Affected is an unknown function of the component UPF. This manipulation causes improper access controls. A high degree of complexity is needed for the attack. The exploitability is told to be difficult. The vendor was contacted early about this disclosure.
References (3)
Core 3
Core References
Signature, Permissions Required signature
permissions-required
VDB-362450 | CTI Indicators (IOB, IOC, TTP)
https://vuldb.com/vuln/362450/cti
Third Party Advisory third-party-advisory
Submit #808799 | Dotouch XproUPF v2.0.0-release-088aa7c4 imp
https://vuldb.com/submit/808799
Scores
CVSS v3
4.6
EPSS
0.0014
EPSS Percentile
3.6%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-266
CWE-284
Status
published
Products (1)
Dotouch/XproUPF
2.0.0-release-088aa7c4
Published
May 10, 2026
Tracked Since
May 10, 2026