CVE Catalog

CVE-2026-50043

HighCVSS 7.2
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Elevated risk
1.13%

62th percentile — higher than 62% of all known CVEs

Summary

An OS command injection vulnerability exists in SkyBridge MB-A100/MB-A110 devices. The issue is caused by improper neutralization of special elements used in OS commands.

Risk Assessment

An attacker with administrative privileges can execute arbitrary OS commands, leading to full device compromise and potential network-wide impact.

Recommendation

Immediately update the firmware of SkyBridge MB-A100/MB-A110 devices to the latest version provided by the vendor. Restrict administrative access to trusted IP addresses only.

Original NVD description (English source)

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in SkyBridge MB-A100/MB-A110. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who can log in to the product with an administrative privilege.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS