| عنوان | Sangfor Operation and Maintenance Management System (OSM / 运维安全管理系统) 3.0.8 OS Command Injection |
|---|
| الوصف | A critical Remote Command Execution (RCE) vulnerability exists in the Sangfor Operation and Maintenance Management System (OSM) version 3.0.8. The vulnerability is located in the /isomp-protocol/protocol/session endpoint.
The application fails to properly sanitize user input in the hostname parameter of an HTTP POST request. Code analysis reveals that the backend retrieves the hostname parameter and concatenates it directly into a shell command string (likely related to network connection tests or session initialization). This string is then executed by the system shell. Because the application does not filter shell metacharacters, an unauthenticated remote attacker can inject commands using a semicolon (;) or other operators. This allows the execution of arbitrary system commands with the privileges of the web service (typically root or tomcat). |
|---|
| المصدر | ⚠️ https://github.com/master-abc/cve/issues/14 |
|---|
| المستخدم | jiefengliang (UID 93721) |
|---|
| ارسال | 30/12/2025 05:42 PM (6 أشهر منذ) |
|---|
| الاعتدال | 09/01/2026 06:12 PM (10 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 340347 [Sangfor Operation and Maintenance Management System حتى 3.0.8 session SessionController اسم المضيف تجاوز الصلاحيات] |
|---|
| النقاط | 20 |
|---|