GHSA-69xh-mqwf-cxv2HighCVSS 7.7
Peplink InControl 2 through 2.14.2 before 2026-06-03 allows use of a semicolon to bypass access...
🔗 CVE IDs covered (1)
📋 Description
Peplink InControl 2 through 2.14.2 before 2026-06-03 allows use of a semicolon to bypass access-control rules for certain /rest/o/{orgId} endpoints.