CVE-2026-7698 | Tiandy Easy7 Integrated Management Platform 7.17.0 updateDbBackupInfo week os command injection

A vulnerability, which was classified as critical, was found in Tiandy Easy7 Integrated Management Platform 7.17.0. Affected by this vulnerability is an unknown functionality of the file /Easy7/rest/systemInfo/updateDbBackupInfo. Such manipulation of the argument week leads to os command injection.

This vulnerability is documented as CVE-2026-7698. The attack can be executed remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More