top of page
perceptive_background_267k.jpg

A flaw has been found in AV Stumpfl Pixera Two Media Server up to 25.2 R2. Impacted is an unknown function of the component Websocket API. This manipulation cau…

Published:

2 May 2026 at 22:00:00

Alert date:

3 May 2026 at 18:00:46

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Enterprise Applications

A critical code injection vulnerability (CVE-2026-7703) has been discovered in AV Stumpfl Pixera Two Media Server up to version 25.2 R2. The flaw affects an unknown function within the WebSocket API component, allowing remote attackers to execute code injection attacks. The vulnerability can be exploited remotely and a public exploit has been published, making it actively exploitable. Users are strongly advised to upgrade to version 25.2 R3 or later to mitigate this security risk. The vulnerability poses a high risk due to its remote exploitability and the availability of public exploit code.

Technical details

Mitigation steps:

Affected products:

AV Stumpfl Pixera Two Media Server

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-7703
https://gist.github.com/TrebledJ/585a20525e45549f299d282233632608
https://help.pixera.one/changelogs-version-overviews/pixera-252-overview-changelog
https://vuldb.com/submit/805274
https://vuldb.com/vuln/360872
https://vuldb.com/vuln/360872/cti

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page