CVE-2026-1731
CRITICAL WAF: High
CVSS 9.8
Published: 2026-02-06
CWE-78
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.
WAF Coverage Analysis
OS Command Injection
High WAF Coverage
OWASP: A03:2021 Injection
932xxx - Remote Code Execution
Affected Software
| Vendor | Product | Version |
|---|---|---|
| beyondtrust | privileged_remote_access | up to 25.1 |
| beyondtrust | remote_support | up to 25.3.2 |
References
- beyondtrustcorp.service-now.com (Permissions Required)
- www.beyondtrust.com (Vendor Advisory)
- github.com (Exploit, Third Party Advisory)
- www.cisa.gov (US Government Resource)
- www.greynoise.io (Third Party Advisory)