Primary

Context

Atlona AT-OME-MS42 Matrix Switcher Command Execution Vulnerability

Vulnerability

A command execution vulnerability has been identified in the Atlona AT-OME-MS42 Matrix Switcher, specifically in version 1.1.2. This vulnerability allows remote authenticated users to execute arbitrary commands with root privileges. The issue arises in the '/cgi-bin/time.cgi' component, where a specially crafted POST request containing a 'serverName' parameter can be used to exploit the vulnerability.

Impact

Exploitation of this vulnerability could lead to unauthorized command execution on the device, with root privileges.

Remediation

Users are advised to apply the official update for their system. Details can be found on the Atlona product page for the AT-OME-MS42 Matrix Switcher.

Added: May 8, 2026, 6:34 AM

Updated: May 8, 2026, 6:34 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

0.0

relevance

7.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

0.0

relevance

7.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Atlona AT-OME-MS42 Matrix Switcher Command Execution Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating