Knowledgebase

Online Technical Support

Software Upgrades: Please check our latest Download section.

Search Tip: You can increase the accuracy of your searches by using as many keywords as possible. Remove any common words such as "a", "or", "the" as they will be used in the search. Do not use any operands such as +, or quotation marks to enclose phrases.

Perle Knowledgebase      
CVE-2026-23759 vulnerability

Go Back Printable Version Suggest New Article Bookmark This Article

Issue:

CVE-2026-23759 vulnerability Perle IOLAN STS/SCS Authenticated Command Injection via 'shell ps'

Cause:
This vulnerability allows an admin level user to inject commands via 'shell ps'.
The user requires full admin level privileges to the IOLAN STS/SCS unit.

Solution:
The IOLAN SCS/STS code base is read only. Any modifications stored in memory using any of the available CLI commands are cleared on a system reboot.
Only configuration file and SDK plugins will retain the set values stored in flash.

To remove CLI access, disable SSH server port 22 and port 23 in the Security->Network Services section of the configuration.
Configure the IOLAN SCS/STS only using HTTP/HTTPS Webmanager and Perle DeviceManager, as those interfaces do not have CLI access available.


How useful is this article?

Less More



Article ID: 648

Published: 3/18/2026 12:46:07 PM

Last Modified: 3/18/2026 12:52:17 PM

Keywords: vulnerability,IOLAN,CVE-2026-23759

Issue Type: FAQ


Go Back Printable Version Suggest New Article Bookmark This Article


Hi!

Have a Question? Chat with a live Product Specialist!

Have a Question?

We can provide more information about our products or arrange for a price quotation.


email-icon Send an Email
contactus-icon Send an Email callus-icon Call Us
×

Send us an Email