CVE-2026-22679
Summary
Weaver (Fanwei) E-cology 10.0 versions prior to 20260312 contain an unauthenticated remote code execution vulnerability in the /papi/esearch/data/devops/dubboApi/debug/method endpoint that allows attackers to execute arbitrary commands by invoking exposed debug functionality. Attackers can craft POST requests with attacker-controlled interfaceName and methodName parameters to reach command-execution helpers and achieve arbitrary command execution on the system. Exploitation evidence was first observed by the Shadowserver Foundation on 2026-03-31 (UTC).
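For defenders checking whether an instance was probed, the following added example (not code from the vendor or from the advisories referenced here) scans web access logs for requests to the endpoint named above, normalising encoded or padded paths first. It assumes nginx/Apache "combined" log format in front of E-cology and treats the path as case-insensitive; the function names and sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from posixpath import normpath
from urllib.parse import unquote

# Endpoint from the summary above, lower-cased for comparison.
DEBUG_ENDPOINT = "/papi/esearch/data/devops/dubboapi/debug/method"
# Assumption: reverse proxy / web server writes "combined" format access logs.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def canonical_path(target):
    """Reduce a request target to a comparable path (decoded, collapsed, lower-case)."""
    path = target.split("?", 1)[0].split("#", 1)[0]
    for _ in range(2):                      # undo single and double percent-encoding
        path = unquote(path)
    path = re.sub(r";[^/]*", "", path)      # drop ;matrix parameters per segment
    path = re.sub(r"/+", "/", path)         # collapse repeated slashes
    return normpath(path).lower()           # resolve ./ and ../, ignore case

def find_hits(lines):
    """Return {client_ip: [(timestamp, method, status), ...]} for the debug endpoint."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if m and canonical_path(m["target"]) == DEBUG_ENDPOINT:
            hits[m["ip"]].append((m["ts"], m["method"], int(m["status"])))
    return dict(hits)

def needs_triage(hits):
    """Clients whose POST got a 2xx reply, i.e. the request reached the application."""
    return sorted(ip for ip, reqs in hits.items()
                  if any(meth == "POST" and 200 <= st < 300 for _, meth, st in reqs))

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [31/Mar/2026:02:14:09 +0000] "POST /papi/esearch/data/devops/dubboApi/debug/method HTTP/1.1" 200 512 "-" "curl/8.5.0"',
    '203.0.113.20 - - [01/Apr/2026:11:40:51 +0000] "POST /papi//esearch/data/devops/./dubboApi/%64ebug/method;x=1?t=1 HTTP/1.1" 200 498 "-" "-"',
    '192.0.2.15 - - [01/Apr/2026:12:02:33 +0000] "POST /papi/esearch/data/devops/dubboApi/debug/method HTTP/1.1" 403 153 "-" "-"',
    '192.0.2.44 - - [01/Apr/2026:12:05:10 +0000] "GET /papi/esearch/data/search?q=report HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    hits = find_hits(SAMPLE_LOG)
    for ip, reqs in hits.items():
        print(ip, reqs)
    print("review first:", needs_triage(hits))
```

A 2xx status only shows the request was not blocked upstream; hosts listed by `needs_triage` still need host-level review, and a 403 or 404 from a patched or filtered instance remains a useful record of probing.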
CVSS 3.1 breakdown
| Metric | Value |
| --- | --- |
| Base score | 9.8 (CRITICAL) |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Privileges required | NONE |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity | HIGH |
| Availability | HIGH |
Weakness type (CWE)
Affected products
Our coverage
- CVE-2026-22679: Weaver E-cology RCE Exploited Since March — Patch Now
References
- https://h4cker.zip/post/d5d211/
- https://ti.qianxin.com/vulnerability/notice-detail/1760
- https://www.vulncheck.com/advisories/weaver-e-cology-unauthenticated-rce-via-dubboapi-debug-endpoint
- https://www.weaver.com.cn/cs/securityDownload.html#
- https://blog.vega.io/posts/cve-2026-22679-weaver-ecology-exploitation/
Data: NIST NVD. NVD last modified 2026-05-05. Always verify against the vendor advisory before acting.