CVE-2026-50043
HighCVSS 7.2Exploitation Probability (EPSS)
Elevated risk62th percentile — higher than 62% of all known CVEs
Summary
An OS command injection vulnerability exists in SkyBridge MB-A100/MB-A110 devices. The issue is caused by improper neutralization of special elements used in OS commands.
Risk Assessment
An attacker with administrative privileges can execute arbitrary OS commands, leading to full device compromise and potential network-wide impact.
Recommendation
Immediately update the firmware of SkyBridge MB-A100/MB-A110 devices to the latest version provided by the vendor. Restrict administrative access to trusted IP addresses only.
Original NVD description (English source)
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in SkyBridge MB-A100/MB-A110. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who can log in to the product with an administrative privilege.

