Description
An unauthenticated remote attacker is able to perform remote code execution due to incorrectly sanitized user input in the SetParameter command.
Published: 2026-07-16
Score: 9.8 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 16 Jul 2026 16:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 16 Jul 2026 10:30:00 +0000

Type Values Removed Values Added
Description An unauthenticated remote attacker is able to perform remote code execution due to incorrectly sanitized user input in the SetParameter command.
Title Origin Validation Error in X-Rite MA-T6
First Time appeared X-rite
X-rite ma-t6
Weaknesses CWE-78
CPEs cpe:2.3:a:x-rite:ma-t6:*:*:*:*:*:*:*:*
Vendors & Products X-rite
X-rite ma-t6
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published:

Updated: 2026-07-16T15:11:14.497Z

Reserved: 2023-12-01T08:19:11.319Z

Link: CVE-2023-49900

cve-icon Vulnrichment

Updated: 2026-07-16T13:36:32.779Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses
  • CWE-78

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')