CVE-2026-2731

N/A

Descricao

Path traversal and content injection in JobRunnerBackground.aspx in DynamicWeb 8 (all) and 9 (<9.19.7 and <9.20.3) allows unauthenticated attackers to execute code via simple web requests

Detalhes CVE

Pontuacao CVSS v3.1N/A

Publicado2/19/2026

Ultima modificacao2/19/2026

Fontenvd

Avistamentos honeypot0

Fraquezas (CWE)

CWE-22

Referencias

https://doc.dynamicweb.dev/documentation/fundamentals/dw10release/security-reports.html#january-19th-2026---unauthenticated-rce-dynamicweb-9-and-dynamicweb-8(db4dfee8-a97e-4877-bfae-eba6d14a2166)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.