Lucene search
K

5 matches found

CVE
CVE
added 8 hours ago8 views

CVE-2026-15497

Affected software / component: SonicCloudOrg sonic-agent (up to 2.7.2), specifically the JWT Authentication Filter in the ExchangeController.java path. Vulnerability: code injection vulnerability reported as enabling a remote attacker to manipulate code execution. Impact (per docs): remote exploi...

7.5CVSS6.6AI score
Exploits0References5
CVE
CVE
added 9 hours ago8 views

CVE-2026-15496

SonicCloudOrg sonic-agent (up to version 2.7.2) contains a remote os command injection in GroovyScriptImpl.evalIsFailed within Groovy Script Handler. The vulnerable function is in sonic-agent/src/main/java/org/cloud/sonic/agent/tests/script/GroovyScriptImpl.java. Exploitation is public and report...

6.5CVSS6.3AI score
Exploits0References5
EUVD
EUVD
added 9 hours ago9 views

EUVD-2026-43218

A vulnerability was found in SonicCloudOrg sonic-agent up to 2.7.2. The impacted element is the function evalIsFailed of the file sonic-agent/src/main/java/org/cloud/sonic/agent/tests/script/GroovyScriptImpl.java of the component Groovy Script Handler. The manipulation results in os command...

6.5CVSS6.3AI score
Exploits0References5
CVE
CVE
added 9 hours ago8 views

CVE-2026-15495

The vulnerability CVE-2026-15495 affects SonicCloudOrg sonic-agent up to version 2.7.2, specifically in the Android WebSocket Server component’s AndroidWSServer.java. The issue arises from manipulating the path argument, causing os command injection. It is remotely exploitable and has public disc...

6.5CVSS6.3AI score
Exploits0References6
EUVD
EUVD
added 9 hours ago6 views

EUVD-2026-43217

A vulnerability has been found in SonicCloudOrg sonic-agent up to 2.7.2. The affected element is an unknown function of the file AndroidWSServer.java of the component Android WebSocket Server. The manipulation of the argument path leads to os command injection. The attack can be initiated remotel...

6.5CVSS6.3AI score
Exploits0References6
Rows per page
Query Builder