CNNVD-202601-1585 Information
CNNVD ID
CNNVD-202601-1585
Related CVE
- CNNVD Published: 2026-01-09
Description (Chinese)
Sangfor Operation and Maintenance Management System是中国深信服(Sangfor)公司的一款运维管理系统。 Sangfor Operation and Maintenance Management System 3.0.8及之前版本存在操作系统命令注入漏洞,该漏洞源于对文件/isomp-protocol/protocol/getCmd中参数sessionPath的错误操作,可能导致os命令注入。
Description (English)
The Sangfor Operation and Community Management System is a transport management system that China is convinced of. SangforOperation and Management System 3.0.8 and previous versions of the operating system incorporated a loophole resulting from an error in the use of the parameter ssessionPath in the document/somp-protocol/protocol/getCmd, which could lead to an Os command injection.
Hazard Level
Low
Vulnerability Type
操作系统命令注入
Affected Vendor
深信服
Published
2026-01-09
Last Modified
2026-02-24
References
https://github.com/master-abc/cve/issues/12 https://github.com/master-abc/cve/issues/12#issue-3770615262 https://vuldb.com/?ctiid.340346 https://vuldb.com/?id.340346 https://vuldb.com/?submit.727214