CVE-2026-11801 | Router management interface exposed to the public internet

CVE CVE-2026-11801

Title Router management interface exposed to the public internet

Case Number VAPT-2026-00002

Status

Published

Credits

R. Navarro (finder)

Affected products

Product	Affected	Unaffected	Unknown
Sentinel Research Collective VAPT Edge Controller 3.x and downstream deployments with legacy admin exposure	VAPT Edge Controller 3.0.0 through 3.4.7	VAPT Edge Controller 3.4.8 and later with restricted management exposure	Unknown

CVSS

Base score	8.2 - HIGH `CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L`
Attack Vector	NETWORK
Attack Complexity	LOW
Privileges Required	LOW
User Interaction	NONE
Scope	UNCHANGED
Confidentiality Impact	HIGH
Integrity Impact	HIGH
Availability Impact	LOW

References

Remediation guidance (Public reference)
Operator hardening checklist (Public reference)

Problem type(s)

CWE / Problem Type	MITRE Tactics	MITRE Techniques
	Not mapped	Not mapped

Date published Feb 18, 2026

Last modified Apr 10, 2026, 13:43 UTC

Description

The affected deployments exposed an inherited administrative listener to the public internet and did not consistently enforce MFA or origin restrictions on management requests. This lowered the barrier for credential attacks and privileged reconfiguration.

Known Detection Rules

No authenticated YARA, Sigma, or KQL detection content is attached to this CVE.

References

Remediation guidance

Public reference visible on this CVE page.

Public reference

Operator hardening checklist

Public reference visible on this CVE page.

Public reference