A vulnerability was found in Peplink InControl up to 2026-06-03 . It has been rated as problematic . This vulnerability affects unknown code of the file /rest/o . Performing a manipulation results in incorrect behavior order: authorization before parsing and canonicalization. This vulnerability is reported as CVE-2026-57920 . The attack is possible to be carried out remotely. No exploit exists. This product is a managed service, indicating that users are not permitted to maintain vulnerability c