PatchSiren

AMTT CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

LOW AMTT CVE published 2026-07-12

CVE-2026-15494

CVE-2026-15494 is a sql injection vulnerability in AMTT Hotel Broadband Operation System 1.0. The vulnerability is caused by a flaw in the file manager/network/switch_status.php. An attacker can exploit this vulnerability by manipulating the ID argument to execute a sql injection attack. The attack can be launched remotely. Security teams should assess and mitigate this vulnerability as it could impact th [truncated]