CVE-2026-8233

MEDIUM 4.6

Dotouch XproUPF access control

CVSS Score

4.6

EPSS Score

0.0%

EPSS Percentile

4th

A vulnerability was determined in Dotouch XproUPF 2.0.0-release-088aa7c4. Affected is an unknown function of the component UPF. This manipulation causes improper access controls. A high degree of complexity is needed for the attack. The exploitability is told to be difficult. The vendor was contacted early about this disclosure.

CWE	CWE-284 CWE-266
Vendor	dotouch
Product	xproupf
Published	May 10, 2026
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for dotouch xproupf

Be the first to know when new medium vulnerabilities affecting dotouch xproupf are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

Dotouch / XproUPF

2.0.0-release-088aa7c4

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/vuln/362450 vuldb.com: https://vuldb.com/vuln/362450/cti vuldb.com: https://vuldb.com/submit/808799

Credits

🔍 LinZiyu (VulDB User) ZiyuLin (VulDB User) VulDB CNA Team