top of page
perceptive_background_267k.jpg

Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. Prior to 2026-05-07, Pi.Alert's web-based configuration editor allows arbitrary Python c…

Published:

26 mei 2026 om 22:00:00

Alert date:

27 mei 2026 om 21:06:41

Source:

nvd.nist.gov

Click to open the original link from this advisory

Mobile & IoT, Network Infrastructure, Web Technologies

Pi.Alert WIFI/LAN intruder detector contains a critical remote code execution vulnerability in its web-based configuration editor. The flaw allows arbitrary Python code injection into pialert.conf file, which executes via the background scan daemon process. With web protection disabled by default, no authentication is required, making this an unauthenticated RCE vulnerability. The vulnerability affects versions prior to 2026-05-07 and has been patched in the latest release.

Technical details

Mitigation steps:

Affected products:

Pi.Alert

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-44887
https://github.com/leiweibau/Pi.Alert/security/advisories/GHSA-r59g-5wf9-f7vv

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page