Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.3
WellChoose IFTOP allows remote code execution on server
CVE-2026-3826
Summary
The IFTOP software developed by WellChoose has a security weakness that could allow an attacker to execute malicious code on your server without needing a password. This means that an attacker could potentially access and modify sensitive data, or even use your server to launch further attacks. You should update to the latest version of IFTOP to fix this issue.
Original title
IFTOP developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server.
Original description
IFTOP developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server.
nvd CVSS3.1
9.8
nvd CVSS4.0
9.3
Vulnerability type
CWE-98
Improper Control of Filename for Include
Published: 11 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026