Impact
The vulnerability allows an attacker to inject arbitrary shell commands by manipulating the ip_list argument in bridge_cfg.php. This is a command injection weakness identified as CWE-74 and CWE-77. This leads to remote execution of commands on the device, affecting confidentiality, integrity, and availability by giving an attacker full control over the network equipment.
Affected Systems
DCN DCME-320 devices running firmware versions up to 20260121 are affected. The flaw exists in the Web Management Backend component of the DCN DCME-320 product.
Risk and Exploitability
With a CVSS score of 5.1, the vulnerability is considered medium severity. An EPSS score of 17% indicates a relatively high probability of exploitation in the near term. The attack is performed remotely to the web management backend, specifically targeting the bridge_cfg.php endpoint and manipulating the ip_list argument. The exploit is publicly available, and the risk remains elevated even though the vulnerability is not listed in CISA's KEV catalog.
OpenCVE Enrichment