| Название | Sangfor Operation and Maintenance Management System (OSM / 运维安全管理系统) 3.0.8 OS Command Injection |
|---|
| Описание | A critical Remote Command Execution (RCE) vulnerability exists in the Sangfor Operation and Maintenance Management System (OSM) version 3.0.8. The vulnerability is located in the endpoint. The application fails to properly sanitize the parameter in an HTTP POST request./isomp-protocol/protocol/getHissessionPath
Specifically, the method retrieves the user-supplied and passes it to , which directly concatenates the parameter into a shell command string without sufficient validation or escaping. This string is then executed by . An unauthenticated remote attacker can exploit this vulnerability by injecting shell metacharacters (e.g., ) into the parameter to execute arbitrary system commands with the privileges of the web server (typically or ).WriterHandle.getHis()sessionPathWriterHandle.getCmd()ShellExecutor.service().exe();sessionPathroottomcat |
|---|
| Источник | ⚠️ https://github.com/master-abc/cve/issues/11 |
|---|
| Пользователь | Liyu Zhu (UID 93722) |
|---|
| Представление | 30.12.2025 17:31 (6 месяцы назад) |
|---|
| Модерация | 09.01.2026 18:12 (10 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 340345 [Sangfor Operation and Maintenance Management System до 3.0.8 HTTP POST Request getHis sessionPath эскалация привилегий] |
|---|
| Баллы | 20 |
|---|