Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2026/01/27 3:19 a.m.12 views

CVE-2026-1414

A vulnerability was determined in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This impacts the function getInformation of the file /equipment/getInformation of the component HTTP POST Request Handler. Executing a manipulation of the argument fortEquipmentIp can lead...

9.8CVSS6.4AI score0.04451EPSS
Exploits1References1
OSV
OSV
added 2026/01/26 3:15 a.m.7 views

CVE-2026-1414

A vulnerability was determined in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This impacts the function getInformation of the file /equipment/getInformation of the component HTTP POST Request Handler. Executing a manipulation of the argument fortEquipmentIp can lead...

9.8CVSS5.7AI score0.04451EPSS
Exploits1References4
OSV
OSV
added 2026/01/26 2:15 a.m.3 views

CVE-2026-1413

A vulnerability was found in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This affects the function portValidate of the file /fort/ipandport/portvalidate of the component HTTP POST Request Handler. Performing a manipulation of the argument port results in command...

9.8CVSS5.7AI score0.02801EPSS
Exploits0References4
CVE
CVE
added 2026/01/26 2:2 a.m.19 views

CVE-2026-1414

CVE-2026-1414 affects Sangfor Operation and Maintenance Security Management System (up to version 3.0.12). The vulnerability resides in the HTTP POST Request Handler for /equipment/get_Information, where tampering with the fortEquipmentIp argument can trigger a command injection. The issue can be...

9.8CVSS6.5AI score0.04451EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/26 1:32 a.m.5 views

CVE-2026-1413 Sangfor Operation and Maintenance Security Management System HTTP POST Request port_validate portValidate command injection

A vulnerability was found in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This affects the function portValidate of the file /fort/ipandport/portvalidate of the component HTTP POST Request Handler. Performing a manipulation of the argument port results in command...

6.5CVSS5.6AI score0.02801EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/01/26 1:2 a.m.2 views

CVE-2026-1412

A vulnerability has been found in Sangfor Operation and Maintenance Security Management System up to 3.0.12. The impacted element is an unknown function of the file /fort/audit/getclipimg of the component HTTP POST Request Handler. Such manipulation of the argument frame/dirno leads to command...

7.5CVSS5.6AI score0.03946EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/22 1:2 p.m.5 views

CVE-2026-1324 Sangfor Operation and Maintenance Management System SSH Protocol session SessionController os command injection

A vulnerability was identified in Sangfor Operation and Maintenance Management System up to 3.0.12. Affected by this issue is the function SessionController of the file /isomp-protocol/protocol/session of the component SSH Protocol Handler. The manipulation of the argument keypassword leads to os...

9CVSS5.3AI score0.06437EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/01/22 1:2 p.m.22 views

CVE-2026-1324 Sangfor Operation and Maintenance Management System SSH Protocol session SessionController os command injection

A vulnerability was identified in Sangfor Operation and Maintenance Management System up to 3.0.12. Affected by this issue is the function SessionController of the file /isomp-protocol/protocol/session of the component SSH Protocol Handler. The manipulation of the argument keypassword leads to os...

9CVSS0.06437EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.8 views

PT-2026-3933

Name of the Vulnerable Software and Affected Versions Sangfor Operation and Maintenance Security Management System versions prior to 3.0.13 Description A security flaw exists in Sangfor Operation and Maintenance Security Management System. The issue involves the edit pwd mall function within the...

9.8CVSS6AI score0.00523EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.14 views

PT-2026-3932

Name of the Vulnerable Software and Affected Versions Sangfor Operation and Maintenance Management System versions up to 3.0.12 Description A flaw exists in Sangfor Operation and Maintenance Management System. This issue is related to the SessionController function within the SSH Protocol Handler...

9.8CVSS7.2AI score0.06437EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2026/01/13 10:53 p.m.3 views

CVE-2025-15502

A vulnerability was identified in Sangfor Operation and Maintenance Management System up to 3.0.8. The affected element is the function SessionController of the file /isomp-protocol/protocol/session. Such manipulation of the argument Hostname leads to os command injection. The attack can be...

9.8CVSS6.8AI score0.05577EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/13 10:52 p.m.7 views

CVE-2025-15500

A vulnerability was found in Sangfor Operation and Maintenance Management System up to 3.0.8. This issue affects some unknown processing of the file /isomp-protocol/protocol/getHis of the component HTTP POST Request Handler. The manipulation of the argument sessionPath results in os command...

10CVSS6.8AI score0.05593EPSS
Exploits1References1
EUVD
EUVD
added 2026/01/10 12:30 a.m.10 views

EUVD-2025-206270

A vulnerability was found in Sangfor Operation and Maintenance Management System up to 3.0.8. This issue affects some unknown processing of the file /isomp-protocol/protocol/getHis of the component HTTP POST Request Handler. The manipulation of the argument sessionPath results in os command...

10CVSS6.5AI score0.05593EPSS
Exploits1References6
NVD
NVD
added 2026/01/09 11:15 p.m.14 views

CVE-2025-15501

A vulnerability was determined in Sangfor Operation and Maintenance Management System up to 3.0.8. Impacted is the function WriterHandle.getCmd of the file /isomp-protocol/protocol/getCmd. This manipulation of the argument sessionPath causes os command injection. Remote exploitation of the attack...

10CVSS0.06369EPSS
Exploits1References5
CVE
CVE
added 2026/01/09 10:32 p.m.20 views

CVE-2025-15501

CVE-2025-15501 affects Sangfor Operation and Maintenance Management System up to v3.0.8. The vulnerability is in the function WriterHandle.getCmd (file /isomp-protocol/protocol/getCmd) where manipulating the argument sessionPath enables OS command injection. Remote exploitation is possible and ex...

10CVSS6.4AI score0.06369EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2026/01/09 10:15 p.m.6 views

CVE-2025-15500

A vulnerability was found in Sangfor Operation and Maintenance Management System up to 3.0.8. This issue affects some unknown processing of the file /isomp-protocol/protocol/getHis of the component HTTP POST Request Handler. The manipulation of the argument sessionPath results in os command...

9.8CVSS5.7AI score0.05593EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/01/09 12:0 a.m.15 views

PT-2026-1777

Name of the Vulnerable Software and Affected Versions Sangfor Operation and Maintenance Management System versions up to 3.0.8 Description A flaw exists in the HTTP POST Request Handler component of the software, specifically in the processing of the /isomp-protocol/protocol/getHis file...

10CVSS9.2AI score0.05593EPSS
Exploits1References12
Positive Technologies
Positive Technologies
added 2026/01/09 12:0 a.m.6 views

PT-2026-1776

Name of the Vulnerable Software and Affected Versions Sangfor Operation and Maintenance Management System versions up to 3.0.8 Description A flaw exists in Sangfor Operation and Maintenance Management System that allows for remote operating system command injection. This issue stems from the...

9CVSS8.6AI score0.05271EPSS
Exploits1References12
Rows per page
Query Builder