CVE-2026-15907 | H3C SecPath F1000-C8300 up to 20260522 ?g=log_fw_nbc_mail_jsondata subject sql injection

SecurityVulns

A vulnerability categorized as critical has been discovered in H3C SecPath F1000-C8300 up to 20260522. This impacts an unknown function of the file /webui/?g=log_fw_nbc_mail_jsondata. Executing a manipulation of the argument subject can lead to sql injection.

This vulnerability is handled as CVE-2026-15907. The attack can be executed remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure and confirmed the existence of the vulnerability. A technical fix is planned to be released.VulDB Recent EntriesRead More