Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.9
Tosei Self-service Washing Machine 4.02 Can Be Hacked Remotely
CVE-2026-2533
Summary
A bug in the Tosei Self-service Washing Machine's software can be exploited by a hacker to remotely access and control the machine. This could allow unauthorized access to sensitive information and potentially disrupt the machine's operation. We recommend the vendor be contacted to report this issue and work on a fix.
Original title
A flaw has been found in Tosei Self-service Washing Machine 4.02. Impacted is an unknown function of the file /cgi-bin/tosei_datasend.php. Executing a manipulation of the argument adr_txt_1 can lea...
Original description
A flaw has been found in Tosei Self-service Washing Machine 4.02. Impacted is an unknown function of the file /cgi-bin/tosei_datasend.php. Executing a manipulation of the argument adr_txt_1 can lead to command injection. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
nvd CVSS2.0
7.5
nvd CVSS3.1
7.3
nvd CVSS4.0
6.9
Vulnerability type
CWE-74
Injection
CWE-77
Command Injection
Published: 16 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026