CVE-2026-24936 – An improper input validation vulnerability was found in ADM while joining a AD Domain.

CVE ID : CVE-2026-24936

Published : Feb. 3, 2026, 4:15 a.m. | 1 hour, 1 minute ago

Description : When a specific function is enabled while joining a AD Domain from ADM, an improper input parameters validation vulnerability in a specific CGI program allowing an unauthenticated remote attacker to write arbitrary data to any file on the system. By exploiting this vulnerability, attackers can overwrite critical system files, leading to a complete system compromise.
Affected products and versions include: from ADM 4.1.0 through ADM 4.3.3.ROF1 as well as from ADM 5.0.0 through ADM 5.1.1.RCI1.

Severity: 9.5 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…