CVE-2026-41688 | ellite Wallos up to 4.8.4 HTTP Endpoint gethostbyname server-side request forgery

A vulnerability described as critical has been identified in ellite Wallos up to 4.8.4. This vulnerability affects the function gethostbyname of the component HTTP Endpoint. Executing a manipulation can lead to server-side request forgery.

This vulnerability is registered as CVE-2026-41688. It is possible to launch the attack remotely. No exploit is available.

It is best practice to apply a patch to resolve this issue.VulDB Recent EntriesRead More