CVE-2026-28517 | openDCIM up to 23.04 Configuration Parameter report_network_map.php exec dot os command injection

February 28, 2026 Yanac

A vulnerability, which was classified as critical, was found in openDCIM up to 23.04. Affected by this vulnerability is the function exec of the file report_network_map.php of the component Configuration Parameter Handler. Executing a manipulation of the argument dot can lead to os command injection.

This vulnerability appears as CVE-2026-28517. The attack may be performed from remote. There is no available exploit.

It is best practice to apply a patch to resolve this issue.VulDB Recent EntriesRead More