totekuh/CVE-2026-36356

Releases0

Stars1

CVE-2026-36356: MeiG Smart FORGE_SLT711 GoAhead - Unauthenticated OS Command Injection (RCE as root)

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2026-36356 ↗	May 5, 2026Tuesday, 5 May 2026, 14:16	9.1 CRITICAL	—
The GoAhead web server on MeiG Smart FORGE_SLT711 devices (firmware MDM9607.LE.1.0-00110-STD.PROD-1) allows unauthenticated OS command injection via the /action/SetRemoteAccessCfg endpoint.