CVE-2026-8233 LOW

CVE-2026-8233: Dotouch XproUPF access control

Vendor Dotouch

Product XproUPF

Weakness CWE-284

Published May 10, 2026

Last update May 11, 2026

View on NVD All CVEs

CVSS base score

2.1/10

Attack vector Adjacent

Attack complexity High

Privileges required Low

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X

What the vulnerability does

01Description

A vulnerability was determined in Dotouch XproUPF 2.0.0-release-088aa7c4. Affected is an unknown function of the component UPF. This manipulation causes improper access controls. A high degree of complexity is needed for the attack. The exploitability is told to be difficult. The vendor was contacted early about this disclosure.

Key dates

02Disclosure timeline

May 10, 2026 CVE published

May 11, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2026-8233

Related vulnerabilities

04Related CVE

CVE-2025-53360 pluginsGLPI's Database Inventory Plugin allows any authenticated user to send agent requests CVE-2019-1686 Cisco ASR 9000 Series Aggregation Services Routers ACL Bypass Vulnerability CVE-2023-39973 Extension - acymailing.com - Improper Access Control in AcyMailing Enterprise component for Joomla 6.7.0-8.6.3 CVE-2024-20695 Skype for Business Information Disclosure Vulnerability CVE-2020-3186 Cisco Firepower Threat Defense Software Management Access List Bypass Vulnerability