CVE-2026-12059

HIGH NVD

CVSS Score 8.8

Severity HIGH

Published Jun 12, 2026

Vendor unknown

Description

The SSH service of CelloOS developed by Cellopoint has an Improper Access Control vulnerability, allowing authenticated remote attackers to bypass the enforced command restrictions and execute operating system commands outside the originally authorized scope.

References

https://www.twcert.org.tw/en/cp-139-10965-3ce75-2.html
https://www.twcert.org.tw/tw/cp-132-10966-3258e-1.html