Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Rongzhitong

Source -

CNA

BOS Name -

N/A

CNA CVEs -

3

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated ProductsRelated AssignersReports
3Vulnerabilities found
CVE-2026-2669
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-Not Assigned
Published-18 Feb, 2026 | 21:02
Updated-18 Feb, 2026 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rongzhitong Visual Integrated Command and Dispatch Platform User delete access control

A vulnerability was determined in Rongzhitong Visual Integrated Command and Dispatch Platform up to 20260206. This impacts an unknown function of the file /dm/dispatch/user/delete of the component User Handler. This manipulation of the argument ID causes improper access controls. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Rongzhitong
Product-Visual Integrated Command and Dispatch Platform
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-284
Improper Access Control
CVE-2026-2668
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-Not Assigned
Published-18 Feb, 2026 | 20:32
Updated-18 Feb, 2026 | 21:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rongzhitong Visual Integrated Command and Dispatch Platform User add access control

A vulnerability was found in Rongzhitong Visual Integrated Command and Dispatch Platform up to 20260206. This affects an unknown function of the file /dm/dispatch/user/add of the component User Handler. The manipulation results in improper access controls. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Rongzhitong
Product-Visual Integrated Command and Dispatch Platform
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-284
Improper Access Control
CVE-2026-2667
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-Not Assigned
Published-18 Feb, 2026 | 20:32
Updated-18 Feb, 2026 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rongzhitong Visual Integrated Command and Dispatch Platform api access control

A vulnerability has been found in Rongzhitong Visual Integrated Command and Dispatch Platform up to 20260206. The impacted element is an unknown function of the file /dispatch/api?cmd=userinfo. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Rongzhitong
Product-Visual Integrated Command and Dispatch Platform
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-284
Improper Access Control