Description
A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function action_ipsec_conn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-03-22
Score: 5.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Remote Command Execution via IPsec controller injection
Action: Apply Patch
AI Analysis

Impact

The vulnerability resides in the action_ipsec_conn function of /usr/bin/lib/lua/luci/controller/ipsec.lua on Cudy TR1200 routers, allowing an attacker to inject arbitrary shell commands. The injected commands execute with the privileges of the router's internal script engine, potentially resulting in full device takeover. This flaw is classified as CWE-74 (Injection) and CWE-77 (Command Injection).

Affected Systems

Cudy TR1200 routers running firmware R46-2.4.15-20250721-164017 are affected. No other firmware versions or additional products are listed as impacted.

Risk and Exploitability

The CVSS score of 5.1 reflects moderate severity, and the exploit is publicly disclosed on GitHub and VulDB, indicating real-world attack potential. The EPSS score is unavailable and the flaw is not present in the CISA KEV catalog, but the remote attack vector and the ability to execute privileged commands elevate the risk for any router exposed to the internet. Immediate attention to mitigating this vulnerability is recommended to prevent compromise.

Generated by OpenCVE AI on March 22, 2026 at 05:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware update from Cudy that patches the IPsec controller vulnerability.
  • If patched firmware has not yet been released, disable remote management or block access to the IPsec controller from untrusted networks.
  • Monitor router logs for abnormal command executions and investigate any suspicious activity.
  • Consider replacing the device with a newer, supported router if the vendor does not provide a timely fix.

Advisories

No advisories yet.

History

Mon, 23 Mar 2026 17:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 23 Mar 2026 10:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Cudy; Cudy tr1200
Vendors & Products | | Cudy; Cudy tr1200

Sun, 22 Mar 2026 04:30:00 +0000

Type | Values Removed | Values Added
Description | | A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function action_ipsec_conn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Title | | Cudy TR1200 ipsec.lua action_ipsec_conn command injection
Weaknesses | | CWE-74; CWE-77
References | |
Metrics | | cvssV2_0 {'score': 5.8, 'vector': 'AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}
 | | cvssV3_0 {'score': 4.7, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
 | | cvssV3_1 {'score': 4.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
 | | cvssV4_0 {'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-03-23T16:39:52.798Z

Reserved: 2026-03-21T08:08:42.500Z

Link: CVE-2026-4537

Vulnrichment

Updated: 2026-03-23T16:21:40.911Z

NVD

Status: Deferred

Published: 2026-03-22T05:16:20.063

Modified: 2026-04-24T16:32:53.997

Link: CVE-2026-4537

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-25T14:46:39Z
