Back to Live Pulse
Critical
Privileged remote access
OS Command Injection

CVE-2026-1731

Description

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.

Proof of Concept (POC) Links

Explore how this vulnerability can be reproduced or exploited.

https://github.com/win3zz/CVE-2026-1731https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-1731