Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.9
Rongzhitong Visual Platform Allows Unrestricted Access to User Data
CVE-2026-2668
Summary
A security flaw in Rongzhitong's Visual Integrated Command and Dispatch Platform may allow an attacker to access user data without permission. This affects users of the platform, as their sensitive information could be compromised. It's recommended that users update the platform to the latest version to mitigate this risk.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| rongzhitong | visual_integrated_command_and_dispatch_platform | <= 2026-02-06 | – |
Original title
A vulnerability was found in Rongzhitong Visual Integrated Command and Dispatch Platform up to 20260206. This affects an unknown function of the file /dm/dispatch/user/add of the component User Han...
Original description
A vulnerability was found in Rongzhitong Visual Integrated Command and Dispatch Platform up to 20260206. This affects an unknown function of the file /dm/dispatch/user/add of the component User Handler. The manipulation results in improper access controls. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
nvd CVSS2.0
7.5
nvd CVSS3.1
7.3
nvd CVSS4.0
6.9
Vulnerability type
CWE-266
Incorrect Privilege Assignment
CWE-284
Improper Access Control
- https://github.com/21151213732/CVE/blob/main/VICDP-Unauthorized%20Access2.md Exploit Third Party Advisory
- https://vuldb.com/?ctiid.346465 Permissions Required VDB Entry
- https://vuldb.com/?id.346465 Third Party Advisory VDB Entry
- https://vuldb.com/?submit.753283 Third Party Advisory VDB Entry
Published: 18 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026