CVE-2026-23759

HIGH 7.2

Perle IOLAN STS/SCS Authenticated Command Injection via 'shell ps'

CVSS Score

7.2

EPSS Score

0.0%

EPSS Percentile

0th

Perle IOLAN STS/SCS terminal server models with firmware versions prior to 6.0 allow authenticated OS command injection via the restricted shell accessed over Telnet or SSH. The shell 'ps' command does not perform proper argument sanitization and passes user-supplied parameters into an 'sh -c' invocation running as root. An authenticated attacker who can log in to the device can inject shell metacharacters after the 'ps' subcommand to execute arbitrary OS commands with root privileges, leading to full compromise of the underlying operating system.

CWE	CWE-78
Vendor	perle systems
Product	iolan sts
Published	Mar 17, 2026
Last Updated	Mar 17, 2026

Stay Ahead of the Next One

Get instant alerts for perle systems iolan sts

Be the first to know when new high vulnerabilities affecting perle systems iolan sts are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Perle Systems / IOLAN STS

0 < 6.0

Perle Systems / IOLAN SCS

0 < 6.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

perle.com: https://www.perle.com/downloads/server_sds_sts_rackmount.shtml perle.com: https://www.perle.com/support_services/documentation_pdfs/iolan_scs-sds-sts_ug.pdf vulncheck.com: https://www.vulncheck.com/advisories/perle-iolan-sts-scs-authenticated-command-injection-via-shell-ps

Credits

Victor A. Morales, Senior Pentester Team Leader, GM Sectec, Corp. Omar Crespo, Pentester, GM Sectec, Corp. VulnCheck