CVE-2026-22679

Weaver · E-cology 10.0

Weaver E-cology 10.0 contains an unauthenticated remote code execution vulnerability in the dubboApi debug endpoint, which is currently being exploited in the wild.

Executive summary

An unauthenticated remote code execution vulnerability in Weaver E-cology 10.0 is being actively exploited in the wild, posing an immediate threat to system security.

Vulnerability

The vulnerability exists in the /papi/esearch/data/devops/dubboApi/debug/method endpoint. Unauthenticated attackers can send crafted POST requests containing malicious interfaceName and methodName parameters to execute arbitrary system commands.

Business impact

With a CVSS score of 9.8 and confirmed active exploitation, this vulnerability presents an extreme risk to organizational infrastructure. Successful exploitation allows for complete remote system compromise, data theft, and the deployment of persistent threats within the network.

Remediation

Immediate Action: Update Weaver E-cology 10.0 to version 20260312 or later; this release removes the vulnerable debug functionality.

Proactive Monitoring: Monitor network traffic for POST requests directed at the /papi/esearch/data/devops/dubboApi/debug/method endpoint and inspect system logs for unexpected command execution.
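As an added example of the monitoring step above (written for this page, not code from the advisory or from Weaver), the following Python script scans web-server access logs for POST requests to the debug endpoint. It assumes the reverse proxy or web server in front of E-cology writes Apache/nginx "combined" style access logs; the sample log lines, IP addresses and timestamps are constructed. Because access logs normally record only the request line and not the POST body, the interfaceName and methodName parameters are not visible there, so the check keys on HTTP method and normalized path, and it counts 2xx responses separately because those indicate the endpoint was reachable and answered.

```python
import re
from urllib.parse import unquote

# Path of the debug endpoint named in the advisory.
VULN_PATH = "/papi/esearch/data/devops/dubboApi/debug/method"

# Assumption: the reverse proxy or web server in front of E-cology writes
# Apache/nginx "combined" style access logs.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

# Constructed sample access-log lines; not captured from a real deployment.
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2026:10:01:02 +0000] "POST /papi/esearch/data/devops/dubboApi/debug/method HTTP/1.1" 200 512 "-" "python-requests/2.31"
198.51.100.4 - - [12/Mar/2026:10:01:05 +0000] "GET /wui/index.html HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2026:10:01:09 +0000] "POST /papi/esearch/data/devops/dubboApi/debug/method/?t=1 HTTP/1.1" 500 128 "-" "curl/8.4.0"
192.0.2.10 - - [12/Mar/2026:10:02:00 +0000] "POST /api/login HTTP/1.1" 302 0 "-" "Mozilla/5.0"
192.0.2.10 - - [12/Mar/2026:10:02:03 +0000] "GET /papi/esearch/data/devops/dubboApi/debug/method HTTP/1.1" 405 0 "-" "Mozilla/5.0"
"""


def normalize_path(target: str) -> str:
    """Strip the query string, percent-decode and drop a trailing slash so
    trivial variations of the request target still match the endpoint."""
    path = target.split("?", 1)[0]
    path = unquote(path)
    return path.rstrip("/") or "/"


def parse_line(line: str):
    """Return a dict for one access-log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["path"] = normalize_path(rec["target"])
    rec["status"] = int(rec["status"])
    return rec


def is_debug_endpoint_post(rec: dict) -> bool:
    """The advisory's indicator: a POST whose path is the debug endpoint."""
    return rec["method"] == "POST" and rec["path"] == VULN_PATH


def find_hits(log_text: str) -> list:
    """All matching requests in a block of log text, in file order."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and is_debug_endpoint_post(rec):
            hits.append(rec)
    return hits


def summarize_by_source(hits: list) -> dict:
    """Count hits per source IP; a 2xx response means the endpoint is reachable
    and answered, which is the higher-priority case for incident response."""
    summary = {}
    for rec in hits:
        entry = summary.setdefault(rec["ip"], {"total": 0, "answered_2xx": 0})
        entry["total"] += 1
        if 200 <= rec["status"] < 300:
            entry["answered_2xx"] += 1
    return summary


if __name__ == "__main__":
    # Replace SAMPLE_LOG with open("access.log").read() on a real system.
    hits = find_hits(SAMPLE_LOG)
    for rec in hits:
        print(f'{rec["ts"]} {rec["ip"]} {rec["method"]} {rec["path"]} -> {rec["status"]}')
    print(summarize_by_source(hits))
```

Any hit should be treated as a trigger to pull the corresponding application-server and host logs for the same time window, since a 2xx response from an unpatched system means the request reached the debug handler. Adjust LOG_RE if your proxy uses a different log format.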

Compensating Controls: Disable the affected debug endpoint at the web server or firewall level if an immediate update is not feasible.

Exploitation status

Public Exploit Available: Yes

Analyst recommendation

This is a critical, actively exploited vulnerability. Organizations running Weaver E-cology 10.0 must treat this as a high-priority incident and apply the necessary patches immediately to mitigate the risk of unauthorized remote command execution.