CVE-2026-21718

Summary

An authentication bypass vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, enabling any attackers to bypass the authentication requirement and achieve pre-authenticated code execution on the system.

Affected Software

VendorProductVersion RangeStatus
CopelandCopeland XWEB 300D PRO0 <= 1.12.1affected
CopelandCopeland XWEB 500D PRO0 <= 1.12.1affected
CopelandCopeland XWEB 500B PRO0 <= 1.12.1affected

Weaknesses

  • CWE-327: CWE-327

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References