CVE-2026-9568
MEDIUM
ThingsBoard YAML provision getGatewayDockerComposeFile code injection
Title source: cnaDescription
A weakness has been identified in ThingsBoard up to 4.3.1.1. Affected by this vulnerability is the function getGatewayDockerComposeFile of the file /api/v1/provision of the component YAML Handler. This manipulation causes code injection. It is possible to initiate the attack remotely. The attack's complexity is rated as high. The exploitation appears to be difficult. The project was informed of the problem early through a pull request but has not reacted yet.
References (5)
Core References
VDB Entry, Technical Description
VDB-365630 | ThingsBoard YAML provision getGatewayDockerComposeFile code injection
https://vuldb.com/vuln/365630
Signature, Permissions Required
VDB-365630 | CTI Indicators (IOB, IOC, TTP, IOA)
https://vuldb.com/vuln/365630/cti
Third Party Advisory
Submit #817064 | ThingsBoard ThingsBoard Community Edition 3.6.2 through 4.3.1.1 Code Injection
https://vuldb.com/submit/817064
Patch, Issue Tracking
https://github.com/thingsboard/thingsboard/pull/15550
Product
https://github.com/thingsboard/thingsboard/
Scores
CVSS v3: 5.0
EPSS: 0.0022
EPSS Percentile: 12.2%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: partial
Details
CWE: CWE-74, CWE-94
Status: published
Products (2):
None/ThingsBoard 4.3.1.0
None/ThingsBoard 4.3.1.1
Published: May 26, 2026
Tracked Since: May 27, 2026