Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
Planet ICG-2510 1.0_20250811: Remote Code Execution through Language Configuration
CVE-2026-3697
Summary
A security flaw in Planet ICG-2510's configuration handler can be exploited by an attacker to run malicious code remotely. This could allow an attacker to take control of your server. The vendor has not provided a fix or response to this issue, so you should consider updating to a fixed version or seeking support from the vendor.
Original title
A vulnerability was determined in Planet ICG-2510 1.0_20250811. The impacted element is the function sub_40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. ...
Original description
A vulnerability was determined in Planet ICG-2510 1.0_20250811. The impacted element is the function sub_40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. Executing a manipulation of the argument Language can lead to stack-based buffer overflow. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
nvd CVSS2.0
6.5
nvd CVSS3.1
6.3
nvd CVSS4.0
5.3
Vulnerability type
CWE-119
Buffer Overflow
CWE-121
Stack-based Buffer Overflow
Published: 8 Mar 2026 · Updated: 13 Mar 2026 · First seen: 8 Mar 2026