Description
METIS WIC devices (versions <= oscore 2.1.234-r18) expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with root (UID 0) privileges. This results in full system compromise, allowing unauthorized access to modify system configuration, read sensitive data, or disrupt device operations
Published: 2026-02-11
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Remote Privilege Escalation to Root, full system compromise
Action: Immediate Patch
AI Analysis

Impact

CVE-2026-2248 exploits a flaw in METIS WIC devices that exposes a web‑based shell at the /console endpoint without requiring authentication. This allows an attacker who can reach the device over the network to run arbitrary operating system commands with root (UID 0) privileges, resulting in complete control over the device, including configuration changes, data exfiltration, and service disruption. The weakness is an authentication bypass (CWE‑287) and missing authentication controls (CWE‑306).

Affected Systems

Affected devices are METIS WIC units manufactured by METIS Cyberspace Technology SA. Versions up to and including oscore 2.1.234‑r18 are impacted. Users running these firmware releases should confirm compatibility and plan for an upgrade.

Risk and Exploitability

The CVSS base score is 9.8, indicating critical severity. The EPSS score of less than 1 % indicates that, at the time of analysis, the exploitation likelihood is low but not zero. The vulnerability is not listed in the CISA KEV catalog. An unauthenticated remote attacker can exploit it by sending an HTTP request to the /console endpoint from any network segment that can reach the device, obtaining full root access. Due to its remote nature and lack of authentication, any device exposed to the internet or local networks is at risk until mitigated.

Generated by OpenCVE AI on April 17, 2026 at 20:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade all affected METIS WIC devices to firmware versions newer than oscore 2.1.234‑r18, which eliminate the unauthenticated web shell endpoint.
  • Restrict network access to the device, ensuring that only trusted hosts can reach the internal management interface and the /console endpoint.
  • Disable the /console endpoint through device configuration or firewall rules to block unauthenticated access until a patch is applied.
  • Continuously monitor device logs for signs of unauthorized command execution and apply security patches promptly as they become available.

Generated by OpenCVE AI on April 17, 2026 at 20:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 12 Feb 2026 15:30:00 +0000

Type Values Removed Values Added
References

Wed, 11 Feb 2026 22:15:00 +0000

Type Values Removed Values Added
First Time appeared Metis Cyberspace Technology Sa
Metis Cyberspace Technology Sa metis Wic
Vendors & Products Metis Cyberspace Technology Sa
Metis Cyberspace Technology Sa metis Wic

Wed, 11 Feb 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 11 Feb 2026 14:30:00 +0000

Type Values Removed Values Added
Description METIS WIC devices (versions <= oscore 2.1.234-r18) expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with root (UID 0) privileges. This results in full system compromise, allowing unauthorized access to modify system configuration, read sensitive data, or disrupt device operations
Title Unauthenticated Remote Root Shell Access via Web Console in METIS WIC
Weaknesses CWE-287
CWE-306
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Metis Cyberspace Technology Sa Metis Wic
cve-icon MITRE

Status: PUBLISHED

Assigner: MHV

Published:

Updated: 2026-02-12T15:20:05.979Z

Reserved: 2026-02-09T13:38:41.942Z

Link: CVE-2026-2248

cve-icon Vulnrichment

Updated: 2026-02-11T14:54:24.536Z

cve-icon NVD

Status : Deferred

Published: 2026-02-11T15:16:17.433

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-2248

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-17T20:30:15Z

Weaknesses