Tag

Cve-2026-22679

2 briefs RSS

Weaver E-cology Unauthenticated RCE Exploitation

A critical unauthenticated remote code execution vulnerability (CVE-2026-22679) in Weaver E-cology office automation software is being actively exploited to execute system commands and reconnaissance activities on affected servers.

exploited E-cology 10.0 +1 rce weaver-ecology cve-2026-22679 exploitation

2r 2t 1c May 5, 2026

critical advisory

Weaver E-cology Unauthenticated RCE via Dubbo API Debug Endpoint

3 rules 1 TTP 1 CVE

Weaver E-cology 10.0 before 20260312 is vulnerable to unauthenticated remote code execution, allowing attackers to execute arbitrary commands by crafting a POST request to the /papi/esearch/data/devops/dubboApi/debug/method endpoint.

weaver e-cology rce unauthenticated cve-2026-22679

3r 1t 1c Apr 7, 2026