CVE-2026-6281_CVE-2026-6281

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

A potential vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user on the local network to execute arbitrary commands on the device.

AI Analysis

Remote authenticated users can execute arbitrary commands on Lenovo Personal Cloud Storage devices

Basic Information

ID CVE-2026-6281

Source lenovo

Published May 13, 2026 at 14:15

Affected Product

Vendor Lenovo

Product Personal Cloud T2s

Affected Versions Lenovo Personal Cloud T2s 0
Lenovo Personal Cloud T2Pro 0
Lenovo Personal Cloud X1s 0
Lenovo Home Storage Hub T20 0
Lenovo Home Storage Hub X20 0
Lenovo Personal Cloud T1 0
Lenovo Personal Cloud A1 0
Lenovo Personal Cloud A1s 0
Lenovo Personal Cloud T2 0
Lenovo Personal Cloud X1 0

CWE Classification

CWE-78

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Lenovo

Product Personal Cloud Storage

References

{
    "lastseen": "",
    "description": "A potential vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user on the local network to execute arbitrary commands on the device.",
    "published": "2026-05-13T14:15:06.307Z",
    "modified": "2026-05-13T14:15:06.307Z",
    "type": "cve",
    "title": "CVE-2026-6281",
    "source": "lenovo",
    "references": "https://iknow.lenovo.com.cn/detail/440274\nhttps://pc.lenovo.com.cn/tips/Ann/t1_eol.html",
    "id": "CVE-2026-6281",
    "bulletinFamily": "",
    "cwe": [
        "CWE-78"
    ],
    "cvelist": null,
    "sourceData": "Lenovo Personal Cloud T2s 0\nLenovo Personal Cloud T2Pro 0\nLenovo Personal Cloud X1s 0\nLenovo Home Storage Hub T20 0\nLenovo Home Storage Hub X20 0\nLenovo Personal Cloud T1 0\nLenovo Personal Cloud A1 0\nLenovo Personal Cloud A1s 0\nLenovo Personal Cloud T2 0\nLenovo Personal Cloud X1 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Personal Cloud T2s",
    "version": "0",
    "vendor": "Lenovo",
    "ai_description": "Remote authenticated users can execute arbitrary commands on Lenovo Personal Cloud Storage devices",
    "ai_severity": "High",
    "ai_vendor": "Lenovo",
    "ai_product": "Personal Cloud Storage",
    "ai_version": "0",
    "ai_score": 8.7
}