CVE-2026-39906— Unisys WebPerfect Image Suite 3.0 NTLMv2 Hash Leakage via .NET Remoting
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-39906
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unisys WebPerfect Image Suite 3.0 NTLMv2 Hash Leakage via .NET Remoting
Source: NVD (National Vulnerability Database)
Vulnerability Description
Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose a deprecated .NET Remoting TCP channel that allows remote unauthenticated attackers to leak NTLMv2 machine-account hashes by supplying a Windows UNC path as a target file argument through object-unmarshalling techniques. Attackers can capture the leaked NTLMv2 hash and relay it to other hosts to achieve privilege escalation or lateral movement depending on network configuration and patch level.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
未有动机的代理或中间人(混淆代理)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Unisys WebPerfect Image Suite 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Unisys WebPerfect Image Suite是美国Unisys公司的一个企业文档影像处理与管理系统。 Unisys WebPerfect Image Suite 3.0.3960.22810版本和3.0.3960.22604版本存在安全漏洞,该漏洞源于暴露了已弃用的.NET Remoting TCP通道,可能导致远程未经验证的攻击者通过对象反序列化技术泄露NTLMv2机器账户哈希。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Unisys | WebPerfect Image Suite | 3.0.3960.22810 | - |
II. Public POCs for CVE-2026-39906
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-39906
请登录查看更多情报信息。
- Unisys - WebPerfect Image Suite - CVE-2026-39906 / CVE-2026-39907 · GitHubtechnical-descriptionexploit
- https://nvd.nist.gov/vuln/detail/CVE-2026-39906
IV. Related Vulnerabilities
Same weakness: CWE-441
- CVE-2026-45182
GrapheneOS 20260504前IP泄露漏洞 - CVE-2026-41365
OpenClaw < 2026.3.31 - Sender Allowlist Bypass via Graph API - CVE-2026-6993
go-kratos http.DefaultServeMux Fallback server.go NewServer - CVE-2025-62718
Axios has a NO_PROXY Hostname Normalization Bypass that Lead - CVE-2026-27124
FastMCP: Missing Consent Verification in OAuth Proxy Callbac
V. Comments for CVE-2026-39906
No comments yet