{"id":"CVE-2026-22209","details":"thingino-firmware up to commit e3f6a41 (published on 2026-03-15) contains an unauthenticated os command injection vulnerability in the WiFi captive portal CGI script that allows remote attackers to execute arbitrary commands as root by injecting malicious code through unsanitized HTTP parameter names. Attackers can exploit the eval function in parse_query() and parse_post() functions to achieve remote code execution and perform privileged configuration changes including root password reset and SSH authorized_keys modification, resulting in full persistent device compromise.","modified":"2026-04-10T05:39:39.493192Z","published":"2026-03-13T19:54:11.003Z","references":[{"type":"WEB","url":"https://github.com/themactep/thingino-firmware/releases/tag/firmware-2026-03-15"},{"type":"ADVISORY","url":"https://www.vulncheck.com/advisories/thingino-firmware-api-cgi-unauthenticated-command-injection-in-captive-portal"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/themactep/thingino-firmware","events":[{"introduced":"0"},{"fixed":"4d20fdf3700550087eab39179fb75716247b9a7c"}]}],"versions":["firmware-2024-11-09","firmware-2024-11-10","firmware-2024-11-11","firmware-2024-11-12","firmware-2024-11-13","firmware-2024-11-14","firmware-2024-11-15","firmware-2024-11-16","firmware-2024-11-17","firmware-2024-11-18","firmware-2024-11-19","firmware-2024-11-20","firmware-2024-11-21","firmware-2024-11-23","firmware-2024-11-24","firmware-2024-11-25","firmware-2024-11-26","firmware-2024-11-27","firmware-2024-11-28","firmware-2024-11-29","firmware-2024-12-01","firmware-2024-12-02","firmware-2024-12-03","firmware-2024-12-04","firmware-2024-12-05","firmware-2024-12-06","firmware-2024-12-07","firmware-2024-12-08","firmware-2024-12-09","firmware-2024-12-10","firmware-2024-12-11","firmware-2024-12-12","firmware-2024-12-13","firmware-2024-12-14","firmware-2024-12-15","firmware-2024-12-16","firmware-2024-12-17","firmware-2024-12-18","firmware-2024-12-19","firmware-2024-12-20","firmware-2024-12-21","firmware-2024-12-22","firmware-2024-12-23","firmware-2024-12-24","firmware-2024-12-25","firmware-2024-12-26","firmware-2024-12-27","firmware-2024-12-28","firmware-2024-12-29","firmware-2024-12-30","firmware-2024-12-31","firmware-2025-01-01","firmware-2025-01-02","firmware-2025-01-03","firmware-2025-01-04","firmware-2025-01-05","firmware-2025-01-06","firmware-2025-01-07","firmware-2025-01-08","firmware-2025-01-09","firmware-2025-01-10","firmware-2025-01-11","firmware-2025-01-12","firmware-2025-01-13","firmware-2025-01-14","firmware-2025-01-15","firmware-2025-01-16","firmware-2025-01-17","firmware-2025-01-18","firmware-2025-01-19","firmware-2025-01-20","firmware-2025-01-21","firmware-2025-01-22","firmware-2025-01-23","firmware-2025-01-24","firmware-2025-01-25","firmware-2025-01-26","firmware-2025-01-27","firmware-2025-01-28","firmware-2025-02-05","firmware-2025-02-06","firmware-2025-02-07","firmware-2025-02-08","firmware-2025-02-09","firmware-2025-02-11","firmware-2025-02-12","firmware-2025-02-13","firmware-2025-02-14","firmware-2025-02-15","firmware-2025-02-16","firmware-2025-02-17","firmware-2025-02-18","firmware-2025-02-19","firmware-2025-02-20","firmware-2025-02-21","firmware-2025-02-22","firmware-2025-02-23","firmware-2025-02-24","firmware-2025-02-25","firmware-2025-02-26","firmware-2025-02-27","firmware-2025-02-28","firmware-2025-03-01","firmware-2025-03-02","firmware-2025-03-03","firmware-2025-03-04","firmware-2025-03-05","firmware-2025-03-06","firmware-2025-03-07","firmware-2025-03-08","firmware-2025-03-09","firmware-2025-03-10","firmware-2025-03-11","firmware-2025-03-12","firmware-2025-03-13","firmware-2025-03-14","firmware-2025-03-15","firmware-2025-03-16","firmware-2025-03-17","firmware-2025-03-18","firmware-2025-03-19","firmware-2025-03-20","firmware-2025-03-21","firmware-2025-03-22","firmware-2025-03-23","firmware-2025-03-24","firmware-2025-03-25","firmware-2025-03-26","firmware-2025-03-27","firmware-2025-03-28","firmware-2025-03-29","firmware-2025-03-30","firmware-2025-03-31","firmware-2025-04-01","firmware-2025-04-02","firmware-2025-04-03","firmware-2025-04-04","firmware-2025-04-05","firmware-2025-04-06","firmware-2025-04-07","firmware-2025-04-08","firmware-2025-04-09","firmware-2025-04-10","firmware-2025-04-11","firmware-2025-04-12","firmware-2025-04-13","firmware-2025-04-14","firmware-2025-04-15","firmware-2025-04-16","firmware-2025-04-17","firmware-2025-04-18","firmware-2025-04-19","firmware-2025-04-20","firmware-2025-04-21","firmware-2025-04-22","firmware-2025-04-23","firmware-2025-04-24","firmware-2025-04-25","firmware-2025-04-26","firmware-2025-04-27","firmware-2025-04-28","firmware-2025-04-29","firmware-2025-04-30","firmware-2025-05-01","firmware-2025-05-02","firmware-2025-05-03","firmware-2025-05-04","firmware-2025-05-05","firmware-2025-05-06","firmware-2025-05-07","firmware-2025-05-08","firmware-2025-05-09","firmware-2025-05-10","firmware-2025-05-11","firmware-2025-05-12","firmware-2025-05-13","firmware-2025-05-14","firmware-2025-05-15","firmware-2025-05-16","firmware-2025-05-17","firmware-2025-05-18","firmware-2025-05-19","firmware-2025-05-20","firmware-2025-05-21","firmware-2025-05-22","firmware-2025-05-23","firmware-2025-05-24","firmware-2025-05-25","firmware-2025-05-26","firmware-2025-05-27","firmware-2025-05-28","firmware-2025-05-29","firmware-2025-05-30","firmware-2025-05-31","firmware-2025-06-01","firmware-2025-06-02","firmware-2025-06-03","firmware-2025-06-04","firmware-2025-06-05","firmware-2025-06-06","firmware-2025-06-07","firmware-2025-06-08","firmware-2025-06-09","firmware-2025-06-10","firmware-2025-06-11","firmware-2025-06-12","firmware-2025-06-13","firmware-2025-06-14","firmware-2025-06-15","firmware-2025-06-16","firmware-2025-06-17","firmware-2025-06-18","firmware-2025-06-19","firmware-2025-06-20","firmware-2025-06-21","firmware-2025-06-22","firmware-2025-06-23","firmware-2025-06-24","firmware-2025-06-25","firmware-2025-06-26","firmware-2025-06-27","firmware-2025-06-28","firmware-2025-06-29","firmware-2025-06-30","firmware-2025-07-01","firmware-2025-07-02","firmware-2025-07-03","firmware-2025-07-04","firmware-2025-07-05","firmware-2025-07-06","firmware-2025-07-07","firmware-2025-07-08","firmware-2025-07-09","firmware-2025-07-10","firmware-2025-07-11","firmware-2025-07-12","firmware-2025-07-13","firmware-2025-07-14","firmware-2025-07-15","firmware-2025-07-16","firmware-2025-07-17","firmware-2025-07-18","firmware-2025-07-19","firmware-2025-07-20","firmware-2025-07-21","firmware-2025-07-22","firmware-2025-07-23","firmware-2025-07-24","firmware-2025-07-25","firmware-2025-07-26","firmware-2025-07-27","firmware-2025-07-28","firmware-2025-07-29","firmware-2025-07-30","firmware-2025-07-31","firmware-2025-08-01","firmware-2025-08-02","firmware-2025-08-03","firmware-2025-08-04","firmware-2025-08-05","firmware-2025-08-06","firmware-2025-08-07","firmware-2025-08-08","firmware-2025-08-09","firmware-2025-09-21","firmware-2025-09-22","firmware-2025-09-23","firmware-2025-09-24","firmware-2025-09-26","firmware-2025-09-28","firmware-2025-09-29","firmware-2025-09-30","firmware-2025-10-01","firmware-2025-10-02","firmware-2025-10-03","firmware-2025-10-04","firmware-2025-10-05","firmware-2025-10-06","firmware-2025-10-07","firmware-2025-10-08","firmware-2025-10-09","firmware-2025-10-10","firmware-2025-10-11","firmware-2025-10-12","firmware-2025-10-13","firmware-2025-10-15","firmware-2025-10-17","firmware-2025-10-18","firmware-2025-10-21","firmware-2025-10-22","firmware-2025-10-23","firmware-2025-10-24","firmware-2025-10-27","firmware-2025-10-28","firmware-2025-10-31","firmware-2025-11-01","firmware-2025-11-04","firmware-2025-11-09","firmware-2025-11-10","firmware-2025-11-13","firmware-2025-11-14","firmware-2025-11-16","firmware-2025-11-17","firmware-2025-11-19","firmware-2025-11-21","firmware-2025-11-22","firmware-2025-11-24","firmware-2025-11-27","firmware-2025-11-28","firmware-2025-11-30","firmware-2025-12-01","firmware-2025-12-02","firmware-2025-12-03","firmware-2025-12-04","firmware-2025-12-05","firmware-2025-12-06","firmware-2025-12-07","firmware-2025-12-08","firmware-2025-12-09","firmware-2025-12-10","firmware-2025-12-11","firmware-2025-12-12","firmware-2025-12-13","firmware-2025-12-14","firmware-2025-12-15","firmware-2025-12-16","firmware-2025-12-17","firmware-2025-12-18","firmware-2025-12-19","firmware-2025-12-21","firmware-2025-12-22","firmware-2025-12-23","firmware-2025-12-24","firmware-2025-12-25","firmware-2025-12-26","firmware-2025-12-27","firmware-2025-12-28","firmware-2025-12-29","firmware-2025-12-30","firmware-2025-12-31","firmware-2026-01-01","firmware-2026-01-02","firmware-2026-01-04","firmware-2026-01-05","firmware-2026-01-06","firmware-2026-01-07","firmware-2026-01-08","firmware-2026-01-09","firmware-2026-01-10","firmware-2026-01-11","firmware-2026-01-12","firmware-2026-01-13","firmware-2026-01-14","firmware-2026-01-19","firmware-2026-01-26","firmware-2026-02-02","firmware-2026-02-09","firmware-2026-02-16","firmware-2026-02-23","firmware-2026-03-02","firmware-2026-03-09","module","module_update","toolchain-aarch64","toolchain-arm64","toolchain-x86_64","update_cache-2025-03-27","update_cache-2025-03-30","update_cache-2025-04-06","update_cache-2025-04-13","update_cache-2025-04-20","update_cache-2025-04-27","update_cache-2025-05-04","update_cache-2025-05-11","update_cache-2025-05-18","update_cache-2025-05-25","update_cache-2025-06-01","update_cache-2025-06-08","update_cache-2025-06-15","update_cache-2025-06-22","update_cache-2025-06-29","update_cache-2025-07-06","update_cache-2025-07-13","update_cache-2025-07-20","update_cache-2025-07-27","update_cache-2025-08-03"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"7.6.47"}]},{"events":[{"introduced":"0"},{"last_affected":"unsanitized"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-22209.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}