CVE-2026-23759

Published: Mar 17, 2026

Modified: May 14, 2026

PUBLISHED

CVSS v3.1

7.2

HIGH

Description

Perle IOLAN STS/SCS terminal server models with firmware versions prior to 6.0 allow authenticated OS command injection via the restricted shell accessed over Telnet or SSH. The shell 'ps' command does not perform proper argument sanitization and passes user-supplied parameters into an 'sh -c' invocation running as root. An authenticated attacker who can log in to the device can inject shell metacharacters after the 'ps' subcommand to execute arbitrary OS commands with root privileges, leading to full compromise of the underlying operating system.

Vendor	Product	Versions
Perle Systems	IOLAN STS	affected `0 - < 6.0`
Perle Systems	IOLAN SCS	affected `0 - < 6.0`

Weaknesses (CWE)

CWE-78

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

References

https://www.perle.com/downloads/server_sds_sts_rackmount.shtml

product

https://www.perle.com/support_services/documentation_pdfs/iolan_scs-sds-sts_ug.pdf

product

https://www.vulncheck.com/advisories/perle-iolan-sts-scs-authenticated-command-injection-via-shell-ps

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-23759

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References