FKIE_CVE-2026-2624

Vulnerability from fkie_nvd - Published: 2026-02-25 13:16 - Updated: 2026-02-26 17:29
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Missing Authentication for Critical Function vulnerability in ePati Cyber ​​Security Technologies Inc. Antikor Next Generation Firewall (NGFW) allows Authentication Bypass.This issue affects Antikor Next Generation Firewall (NGFW): from v.2.0.1298 before v.2.0.1301.
References
iletisim@usom.gov.trhttps://www.usom.gov.tr/bildirim/tr-26-0082Third Party Advisory
Impacted products
Vendor Product Version
epati antikor_next_generation_firewall *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:epati:antikor_next_generation_firewall:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "959FF153-E879-419E-B290-FC7014AA1D6A",
              "versionEndExcluding": "2.0.1301",
              "versionStartIncluding": "2.0.1298",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Missing Authentication for Critical Function vulnerability in ePati Cyber \u200b\u200bSecurity Technologies Inc. Antikor Next Generation Firewall (NGFW) allows Authentication Bypass.This issue affects Antikor Next Generation Firewall (NGFW): from v.2.0.1298 before v.2.0.1301."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de autenticaci\u00f3n faltante para funci\u00f3n cr\u00edtica en el Cortafuegos de Pr\u00f3xima Generaci\u00f3n (NGFW) Antikor de ePati Cyber ??Security Technologies Inc. permite la omisi\u00f3n de autenticaci\u00f3n. Este problema afecta al Cortafuegos de Pr\u00f3xima Generaci\u00f3n (NGFW) Antikor: desde la v.2.0.1298 anterior a la v.2.0.1301."
    }
  ],
  "id": "CVE-2026-2624",
  "lastModified": "2026-02-26T17:29:01.797",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "iletisim@usom.gov.tr",
        "type": "Primary"
      }
    ]
  },
  "published": "2026-02-25T13:16:05.373",
  "references": [
    {
      "source": "iletisim@usom.gov.tr",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.usom.gov.tr/bildirim/tr-26-0082"
    }
  ],
  "sourceIdentifier": "iletisim@usom.gov.tr",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-306"
        }
      ],
      "source": "iletisim@usom.gov.tr",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.