CVE-2026-21718
Published 2026-02-27
CVE-2026-21718: An authentication bypass vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, enabling any attacker to bypass the authentication requirement…
Priority P265 · critical · 9.8 CVSS 3.1
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.43% (34.3th percentile)
An authentication bypass vulnerability exists in Copeland XWEB Pro
version 1.12.1 and prior, enabling any attacker to bypass the
authentication requirement and achieve pre-authenticated code execution
on the system.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| copeland | copeland_xweb_300d_pro | <= 1.12.1 | — |
| copeland | copeland_xweb_500b_pro | <= 1.12.1 | — |
| copeland | copeland_xweb_500d_pro | <= 1.12.1 | — |
| copeland | xweb_300d_pro_firmware | <= 1.12.1 | — |
| copeland | xweb_500b_pro_firmware | <= 1.12.1 | — |
| copeland | xweb_500d_pro_firmware | <= 1.12.1 | — |
CISA ICS
Copeland XWEB and XWEB Pro
cisa_ics·2026-02-26·CVSS 8.0
[HIGH] Copeland XWEB and XWEB Pro
ICS Advisory
## Copeland XWEB and XWEB Pro
Release Date: February 26, 2026
Alert Code: ICSA-26-057-10
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
## Summary
Successful exploitation of these vulnerabilities could allow an attacker to bypass authentication, cause a denial-of-service condition, cause memory corruption, and execute arbitrary code.
The following versions of Copeland XWEB and XWEB Pro are affected:
- XWEB 300D PRO <=1.12.1 (CVE-2026-25085, CVE-2026-21718, CVE-2026-24663, CVE-2026-21389, CVE-2026-25111, CVE-2026-20742, CVE-2026-24517, CVE-2026-25195, CVE-2026-20910, CVE-2026-24689, CVE-2026-25109, CVE-2026-20902, CVE-2026-24695, CVE-2026-25105, CVE-2026-24452, CVE-2026-23702, CVE-2026-25721, CVE-2026
GHSA
GHSA-7r34-g88h-g49f: An authentication bypass vulnerability exists in Copeland XWEB Pro
version 1
ghsa_unreviewed·2026-02-27
CVE-2026-21718 [CRITICAL] CWE-327 GHSA-7r34-g88h-g49f: An authentication bypass vulnerability exists in Copeland XWEB Pro
version 1
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2026-02-27