HIGHCVE-2026-20892Published Modified CNA jpcert
CVE-2026-20892: Code injection vulnerability exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker with administrative privileges to execute arbitrary commands
Code injection vulnerability exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker with administrative privileges to execute arbitrary commands.
Metrics
- CVSS v4.0
- 8.6
- Severity
- HIGH
- Fixed in
- —
- Affected Products
- 2
Affected packages
- Micro Research Ltd. / MR-GM5L-S1firmware versions prior to v2.01.04N1_02
- Micro Research Ltd. / MR-GM5A-L1firmware versions prior to v2.01.04N1_02
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N