Stonefly Storage Concentrator Virtual Machine

5 CVEs affecting Stonefly Storage Concentrator Virtual Machine. Latest disclosed: 2026-06-30. Critical: 4, High: 0.

Top CVEs affecting Stonefly Storage Concentrator Virtual Machine
CVESeverityScorePublishedSummary
CVE-2026-56415Critical10.02026-06-30Storage Concentrator (SC & SCVM) contains a command injection vulnerability within the debug.pl script that is reachable without authentication. A remote attac…
CVE-2026-56413Critical10.02026-06-30Storage Concentrator (SC & SCVM) contains a command injection vulnerability in the ms_service.pl service, which listens on TCP port 9000 by default and accepts…
CVE-2026-55721Critical9.32026-06-30Storage Concentrator (SC & SCVM) is vulnerable to SQL injection through cookie values processed by the login.pl and debug.pl scripts. The cookie value is incor…
CVE-2026-50110Critical9.22026-06-30Storage Concentrator (SC & SCVM) contains hardcoded credentials for numerous internal services embedded within a configuration file. While the credentials are…
CVE-2026-50040Medium6.12026-06-30Storage Concentrator (SC & SCVM) is vulnerable to reflected cross-site scripting due to unsanitized content being echoed back in 404 error pages. An attacker c…