CVE-2026-3824

MEDIUM EPSS 9.3%

Published Mar 11, 20263mo ago · Modified Jun 17, 20261w ago

5.1 CVSS 4.0

Medium

Published Mar 11, 2026 3mo ago

Last Modified Jun 17, 2026 1w ago

Description

IFTOP developed by WellChoose has an Open redirect vulnerability, allowing authenticated remote attackers to craft a URL that tricks users into visiting malicious website.

CVSS Details

Base Score

5.1

Exploitability

—

Impact

—

Vector string

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector Network

Attack Complexity Low

Privileges Required None

User Interaction A

Scope X

Threat Intelligence

EPSS Exploit Probability

9.3% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-601

Affected Products 1

Vendor	Product	Version	Range
wellchoose	organization_portal_system	*	<iftop_p4_181

References 2

twcert.org.tw https://www.twcert.org.tw/en/cp-139-10756-73f66-2.html

Third Party Advisory
twcert.org.tw https://www.twcert.org.tw/tw/cp-132-10755-94136-1.html

Third Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.