Описание
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2026-1731
- https://beyondtrustcorp.service-now.com/csm?id=csm_kb_article&sysparm_article=KB0023293
- https://github.com/win3zz/CVE-2026-1731
- https://www.beyondtrust.com/trust-center/security-advisories/bt26-02
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-1731
- https://www.greynoise.io/blog/reconnaissance-beyondtrust-rce-cve-2026-1731
Связанные уязвимости
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.
Уязвимость средства удаленной поддержки BeyondTrust Remote Support и средства удаленного доступа BeyondTrust Privileged Remote Access, связанная с непринятием мер по нейтрализации специальных элементов, используемых в команде операционной системы, позволяющая нарушителю выполнить произвольный код