MajorDoMo RCE flaw lets attackers run code on exposed smart-home servers

A critical MajorDoMo vulnerability can let unauthenticated attackers run PHP code on exposed servers through the platform’s admin panel. The flaw is tracked as CVE-2026-27174 and affects the MajorDoMo home automation platform, also known as Major Domestic Module. The issue is serious because attackers do not need valid login credentials. A crafted request to the […] The post MajorDoMo RCE flaw lets attackers run code on exposed smart-home servers appeared first on VPN Central.