CVE-2026-22317 — A command injection vulnerability in the device’s Root CA certificate transfer workflow allows a high-privileged attacker to send crafted HTTP POST requests that result in arbitrary command execution — CVE Database · The Intelligence Room