Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Tue, 07 Jul 2026 19:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Authenticated Remote Code Execution via Command Injection in myVesta FTP User Deletion |
Tue, 07 Jul 2026 11:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Authenticated Remote Code Execution via FTP Username Deletion |
Mon, 06 Jul 2026 19:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Mon, 06 Jul 2026 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Authenticated Remote Code Execution via FTP Username Deletion |
Mon, 06 Jul 2026 13:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Authenticated Remote Code Execution via FTP Username Delete Parameter in myVesta |
Mon, 06 Jul 2026 00:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Authenticated Remote Code Execution via FTP Username Delete Parameter in myVesta |
Sun, 05 Jul 2026 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Authenticated Remote Code Execution via Command Injection in myVesta FTP User Deletion |
Sun, 05 Jul 2026 12:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Authenticated Remote Code Execution via Command Injection in myVesta FTP User Deletion |
Sun, 05 Jul 2026 04:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Authenticated Remote Code Execution in myVesta via FTP Username Deletion |
Sat, 04 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Authenticated Remote Code Execution in myVesta via FTP Username Deletion |
Sat, 04 Jul 2026 11:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | myVesta is affected by an authenticated remote code execution vulnerability. Low privileged users can insert arbitrary commands as a part of the v_ftp_user parameter when deleting FTP usernames. This could result in the execution of commands as the admin user or takevoer of the admin user in myVesta. | |
| Weaknesses | CWE-78 | |
| References |
| |
| Metrics |
cvssV4_0
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: PRJBLK
Published:
Updated: 2026-07-06T18:31:10.303Z
Reserved: 2026-06-14T07:01:17.476Z
Link: CVE-2026-12195
Updated: 2026-07-06T18:30:47.149Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-07T19:00:15Z