Soumettre #727214: Sangfor Operation and Maintenance Management System (OSM / 运维安全管理系统) 3.0.8 OS Command Injectioninformation

TitreSangfor Operation and Maintenance Management System (OSM / 运维安全管理系统) 3.0.8 OS Command Injection
DescriptionA critical Remote Command Execution (RCE) vulnerability exists in the Sangfor Operation and Maintenance Management System (OSM) version 3.0.8. The vulnerability is located in the /isomp-protocol/protocol/getCmd endpoint. The application fails to properly sanitize the sessionPath parameter in an HTTP POST request. Specifically, the WriterHandle.getCmd() method retrieves the user-supplied sessionPath and passes it to WriterHandle.getCmd(), which directly concatenates the parameter into a shell command string without sufficient validation or escaping. This string is then executed by ShellExecutor.service().exe(). An unauthenticated remote attacker can exploit this vulnerability by injecting shell metacharacters (e.g., ;) into the sessionPath parameter to execute arbitrary system commands with the privileges of the web server (typically root or tomcat).
La source⚠️ https://github.com/master-abc/cve/issues/12
Utilisateur
 nestor233 (UID 94006)
Soumission30/12/2025 17:40 (il y a 6 mois)
Modérer09/01/2026 18:12 (10 days later)
StatutAccepté
Entrée VulDB340346 [Sangfor Operation and Maintenance Management System jusqu’à 3.0.8 getCmd WriterHandle.getCmd sessionPath élévation de privilèges]
Points20

Do you know our Splunk app?

Download it now for free!