Lucene search
K

7 matches found

ATTACKERKB
ATTACKERKB
added 2026/01/26 1:2 a.m.2 views

CVE-2026-1412

A vulnerability has been found in Sangfor Operation and Maintenance Security Management System up to 3.0.12. The impacted element is an unknown function of the file /fort/audit/getclipimg of the component HTTP POST Request Handler. Such manipulation of the argument frame/dirno leads to command...

7.5CVSS5.6AI score0.03946EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/01/22 1:2 p.m.20 views

CVE-2026-1324 Sangfor Operation and Maintenance Management System SSH Protocol session SessionController os command injection

A vulnerability was identified in Sangfor Operation and Maintenance Management System up to 3.0.12. Affected by this issue is the function SessionController of the file /isomp-protocol/protocol/session of the component SSH Protocol Handler. The manipulation of the argument keypassword leads to os...

9CVSS0.06437EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.8 views

PT-2026-3933

Name of the Vulnerable Software and Affected Versions Sangfor Operation and Maintenance Security Management System versions prior to 3.0.13 Description A security flaw exists in Sangfor Operation and Maintenance Security Management System. The issue involves the edit pwd mall function within the...

9.8CVSS6AI score0.00523EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2026/01/13 10:52 p.m.6 views

CVE-2025-15500

A vulnerability was found in Sangfor Operation and Maintenance Management System up to 3.0.8. This issue affects some unknown processing of the file /isomp-protocol/protocol/getHis of the component HTTP POST Request Handler. The manipulation of the argument sessionPath results in os command...

10CVSS6.8AI score0.05593EPSS
Exploits1References1
NVD
NVD
added 2026/01/09 11:15 p.m.14 views

CVE-2025-15501

A vulnerability was determined in Sangfor Operation and Maintenance Management System up to 3.0.8. Impacted is the function WriterHandle.getCmd of the file /isomp-protocol/protocol/getCmd. This manipulation of the argument sessionPath causes os command injection. Remote exploitation of the attack...

10CVSS0.06369EPSS
Exploits1References5
OSV
OSV
added 2026/01/09 10:15 p.m.6 views

CVE-2025-15500

A vulnerability was found in Sangfor Operation and Maintenance Management System up to 3.0.8. This issue affects some unknown processing of the file /isomp-protocol/protocol/getHis of the component HTTP POST Request Handler. The manipulation of the argument sessionPath results in os command...

9.8CVSS5.7AI score0.05593EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/01/09 12:0 a.m.12 views

PT-2026-1777

Name of the Vulnerable Software and Affected Versions Sangfor Operation and Maintenance Management System versions up to 3.0.8 Description A flaw exists in the HTTP POST Request Handler component of the software, specifically in the processing of the /isomp-protocol/protocol/getHis file...

10CVSS9.2AI score0.05593EPSS
Exploits1References12
Rows per page
Query Builder