{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-20759", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "state": "PUBLISHED", "assignerShortName": "jpcert", "dateReserved": "2026-01-14T04:14:37.678Z", "datePublished": "2026-01-16T08:16:45.444Z", "dateUpdated": "2026-01-16T13:45:56.900Z"}, "containers": {"cna": {"affected": [{"vendor": "TOA Corporation", "product": "Multiple Network Cameras TRIFORA 3 series", "versions": [{"version": "see the information provided by the vendor", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "OS Command Injection vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Corporation, which may allow a logged-in user with the low(\"monitoring user\") or higher privilege to execute an arbitrary OS command."}], "problemTypes": [{"descriptions": [{"description": "Improper neutralization of special elements used in an OS command ('OS Command Injection')", "lang": "en-US", "cweId": "CWE-78", "type": "CWE"}]}], "references": [{"url": "https://www.toa-products.com/securityinfo/pdf/tv2025-001jp.pdf"}, {"url": "https://jvn.jp/en/jp/JVN08087148/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_0": {"version": "3.0", "baseSeverity": "HIGH", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}, {"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV4_0": {"version": "4.0", "baseSeverity": "HIGH", "baseScore": 8.7, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2026-01-16T08:16:45.444Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-16T13:45:46.734639Z", "id": "CVE-2026-20759", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-16T13:45:56.900Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-20759", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-01-16T13:45:46.734639Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-16T13:45:51.364Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"version": "4.0", "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "TOA Corporation", "product": "Multiple Network Cameras TRIFORA 3 series", "versions": [{"status": "affected", "version": "see the information provided by the vendor"}]}], "references": [{"url": "https://www.toa-products.com/securityinfo/pdf/tv2025-001jp.pdf"}, {"url": "https://jvn.jp/en/jp/JVN08087148/"}], "descriptions": [{"lang": "en", "value": "OS Command Injection vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Corporation, which may allow a logged-in user with the low(\"monitoring user\") or higher privilege to execute an arbitrary OS command."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-78", "description": "Improper neutralization of special elements used in an OS command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2026-01-16T08:16:45.444Z"}}}, "cveMetadata": {"cveId": "CVE-2026-20759", "state": "PUBLISHED", "dateUpdated": "2026-01-16T13:45:56.900Z", "dateReserved": "2026-01-14T04:14:37.678Z", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "datePublished": "2026-01-16T08:16:45.444Z", "assignerShortName": "jpcert"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "OS Command Injection vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Corporation, which may allow a logged-in user with the low(\"monitoring user\") or higher privilege to execute an arbitrary OS command."}, {"lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo existe en m\u00faltiples c\u00e1maras de red de la serie TRIFORA 3 proporcionadas por TOA Corporation, lo que podr\u00eda permitir a un usuario autenticado con el privilegio bajo ('usuario de monitoreo') o superior ejecutar un comando arbitrario del sistema operativo."}], "id": "CVE-2026-20759", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "vultures@jpcert.or.jp", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "vultures@jpcert.or.jp", "type": "Secondary"}]}, "published": "2026-01-16T09:16:22.050", "references": [{"source": "vultures@jpcert.or.jp", "url": "https://jvn.jp/en/jp/JVN08087148/"}, {"source": "vultures@jpcert.or.jp", "url": "https://www.toa-products.com/securityinfo/pdf/tv2025-001jp.pdf"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "vultures@jpcert.or.jp", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T16:05:48.470442+00:00", "value": {"mitigation_remediation": ["Update the camera firmware to a patched version that resolves the command\u2011injection issue, following the vendor\u2019s release notes.", "If no patch is available, isolate the camera by restricting access to its management interface to trusted IP addresses or dedicated VLANs.", "Enforce strict user\u2011account management: disable or remove monitoring accounts that are not required, and enforce strong passwords.", "Enable and monitor activity logs for abnormal command\u2011execution events to detect possible exploitation attempts."], "summary": {"action": "Apply Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The affected equipment is the TRIFORA 3 series network cameras made by TOA Corporation. No specific firmware versions are listed, so any camera that is running the vulnerable firmware should be considered at risk until an updated image is applied.", "description_and_impact": "An OS command injection flaw exists in TOA Corporation\u2019s TRIFORA 3 series network cameras. The vulnerability allows an authenticated user with monitoring or higher privileges to inject and run arbitrary operating\u2011system commands, granting full control over the device\u2019s firmware. This is classified as CWE\u201178, indicating improper input validation in a command execution path.", "risk_and_exploitability": "The CVSS score of 8.7 places the issue in the high\u2011risk category, and the EPSS score of less than 1% shows that exploitation probability is presently low. The vulnerability is not included in CISA KEV. An attacker must first authenticate to the camera\u2019s administrative interface, then send crafted input to trigger the command injection. Successful exploitation results in arbitrary code execution on the device, potentially enabling lateral movement or data exfiltration."}}}}, "created": "2026-01-16T13:41:28.644456+00:00", "title": "Command Injection in TOA TRIFORA 3 Series Network Cameras Enabling Remote Code Execution", "updated": "2026-04-18T16:15:04.597510+00:00", "vendors": ["toa_corporation", "toa_corporation$PRODUCT$trifora_3_series"]}