Copeland Copeland Xweb 500d Pro
23 CVEs affecting Copeland Copeland Xweb 500d Pro. Latest disclosed: 2026-02-27. Critical: 2, High: 19.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-21718 | Critical | 10.0 | 2026-02-27 | An authentication bypass vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, enabling any attackers to bypass the authentication requirement… |
CVE-2026-24663 | Critical | 9.0 | 2026-02-27 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an unauthenticated attacker to achieve remote code execution on t… |
CVE-2026-25085 | High | 8.6 | 2026-02-27 | A vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, in which an unexpected return value from the authentication routine is later on process… |
CVE-2026-25109 | High | 8.0 | 2026-02-27 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on t… |
CVE-2026-20910 | High | 8.0 | 2026-02-27 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the… |
CVE-2026-3037 | High | 8.0 | 2026-02-27 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the… |
CVE-2026-25037 | High | 8.0 | 2026-02-27 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on th… |
CVE-2026-25196 | High | 8.0 | 2026-02-27 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the… |
CVE-2026-20764 | High | 8.0 | 2026-02-27 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the… |
CVE-2026-25721 | High | 8.0 | 2026-02-27 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the… |
CVE-2026-23702 | High | 8.0 | 2026-02-27 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the… |
CVE-2026-24452 | High | 8.0 | 2026-02-27 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on th… |
CVE-2026-25105 | High | 8.0 | 2026-02-27 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution o… |
CVE-2026-24695 | High | 8.0 | 2026-02-27 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on… |
CVE-2026-20902 | High | 8.0 | 2026-02-27 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on… |
CVE-2026-24689 | High | 8.0 | 2026-02-27 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on th… |
CVE-2026-25195 | High | 8.0 | 2026-02-27 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on… |
CVE-2026-24517 | High | 8.0 | 2026-02-27 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on t… |
CVE-2026-20742 | High | 8.0 | 2026-02-27 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on th… |
CVE-2026-25111 | High | 8.0 | 2026-02-27 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the… |