Search criteria
2 vulnerabilities found for METIS WIC by METIS Cyberspace Technology SA
CVE-2026-2248 (GCVE-0-2026-2248)
Vulnerability from cvelistv5 – Published: 2026-02-11 14:15 – Updated: 2026-02-12 15:20
VLAI?
Title
Unauthenticated Remote Root Shell Access via Web Console in METIS WIC
Summary
METIS WIC devices (versions <= oscore 2.1.234-r18) expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with root (UID 0) privileges. This results in full system compromise, allowing unauthorized access to modify system configuration, read sensitive data, or disrupt device operations
Severity ?
9.8 (Critical)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| METIS Cyberspace Technology SA | METIS WIC |
Affected:
oscore 2.1.234-r18
(custom)
Unaffected: oscore 2.1.235-r19 (custom) |
Credits
Cydome Security Ltd
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2248",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-11T14:54:21.293377Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-11T14:54:45.412Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "METIS WIC",
"vendor": "METIS Cyberspace Technology SA",
"versions": [
{
"status": "affected",
"version": "oscore 2.1.234-r18",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "oscore 2.1.235-r19",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Cydome Security Ltd"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMETIS WIC devices (versions \u0026lt;= oscore 2.1.234-r18) expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with root (UID 0) privileges. This results in full system compromise, allowing unauthorized access to modify system configuration, read sensitive data, or disrupt device operations\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "METIS WIC devices (versions \u003c= oscore 2.1.234-r18) expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with root (UID 0) privileges. This results in full system compromise, allowing unauthorized access to modify system configuration, read sensitive data, or disrupt device operations"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-12T15:20:05.979Z",
"orgId": "56a186b1-7f5e-4314-ba38-38d5499fccfd",
"shortName": "MHV"
},
"references": [
{
"tags": [
"x_vendor-website"
],
"url": "https://www.metis.tech/"
},
{
"tags": [
"technical-description"
],
"url": "https://cydome.io/vulnerability-advisory-cve-2026-2248-unauthenticated-remote-root-shell-in-metis-wic"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Unauthenticated Remote Root Shell Access via Web Console in METIS WIC",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "56a186b1-7f5e-4314-ba38-38d5499fccfd",
"assignerShortName": "MHV",
"cveId": "CVE-2026-2248",
"datePublished": "2026-02-11T14:15:42.961Z",
"dateReserved": "2026-02-09T13:38:41.942Z",
"dateUpdated": "2026-02-12T15:20:05.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2250 (GCVE-0-2026-2250)
Vulnerability from cvelistv5 – Published: 2026-02-11 14:13 – Updated: 2026-02-12 15:20
VLAI?
Title
Unauthenticated Data Export and Source Code Disclosure via /dbviewer/ in METIS WIC
Summary
The /dbviewer/ web endpoint in METIS WIC devices is exposed without authentication. A remote attacker can access and export the internal telemetry SQLite database containing sensitive operational data. Additionally, the application is configured with debug mode enabled, causing malformed requests to return verbose Django tracebacks that disclose backend source code, local file paths, and system configuration.
Severity ?
7.5 (High)
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| METIS Cyberspace Technology SA | METIS WIC |
Affected:
oscore 2.1.234-r18
(custom)
Unaffected: oscore 2.1.235-r19 (custom) |
Credits
Cydome Security Ltd
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2250",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-11T15:00:06.523607Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-11T15:02:05.830Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "METIS WIC",
"vendor": "METIS Cyberspace Technology SA",
"versions": [
{
"status": "affected",
"version": "oscore 2.1.234-r18",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "oscore 2.1.235-r19",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Cydome Security Ltd"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe /dbviewer/ web endpoint in METIS WIC devices is exposed without authentication. A remote attacker can access and export the internal telemetry SQLite database containing sensitive operational data. Additionally, the application is configured with debug mode enabled, causing malformed requests to return verbose Django tracebacks that disclose backend source code, local file paths, and system configuration.\u003c/p\u003e"
}
],
"value": "The /dbviewer/ web endpoint in METIS WIC devices is exposed without authentication. A remote attacker can access and export the internal telemetry SQLite database containing sensitive operational data. Additionally, the application is configured with debug mode enabled, causing malformed requests to return verbose Django tracebacks that disclose backend source code, local file paths, and system configuration."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-215",
"description": "CWE-215 Insertion of Sensitive Information Into Debugging Error Output",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-12T15:20:51.492Z",
"orgId": "56a186b1-7f5e-4314-ba38-38d5499fccfd",
"shortName": "MHV"
},
"references": [
{
"tags": [
"x_vendor-website"
],
"url": "https://www.metis.tech/"
},
{
"tags": [
"technical-description"
],
"url": "https://cydome.io/vulnerability-advisory-cve-2026-2250-unauthenticated-data-exfilteration-and-information-disclosure-in-metis-wic-wireless-intelligent-collector"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Unauthenticated Data Export and Source Code Disclosure via /dbviewer/ in METIS WIC",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "56a186b1-7f5e-4314-ba38-38d5499fccfd",
"assignerShortName": "MHV",
"cveId": "CVE-2026-2250",
"datePublished": "2026-02-11T14:13:45.892Z",
"dateReserved": "2026-02-09T13:38:44.756Z",
"dateUpdated": "2026-02-12T15:20:51.492Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}