CNNVD-202601-1591 Information

CNNVD ID

CNNVD-202601-1591

Related CVE

CVE-2025-15499

• CNNVD Published: 2026-01-09

Description (Chinese)

Sangfor Operation and Maintenance Management System是中国深信服（Sangfor）公司的一款运维管理系统。 Sangfor Operation and Maintenance Management System 3.0.8及之前版本存在操作系统命令注入漏洞，该漏洞源于对文件VersionController.java中参数filename的错误操作，可能导致os命令注入。

Description (English)

The Sangfor Operation and Community Management System is a transport management system that China is convinced of. SangforOperation and Management System 3.0.8 and previous versions of the operating system incorporated a loophole from an error in the file VersionController.java ’ s parameter file file file file file file file file filenamename, which could lead to an Os command injection.

Hazard Level

Medium

Vulnerability Type

操作系统命令注入

Affected Vendor

深信服

Published

2026-01-09

Last Modified

2026-02-24

References

https://github.com/master-abc/cve/issues/10 https://github.com/master-abc/cve/issues/10#issue-3770540830 https://vuldb.com/?ctiid.340344 https://vuldb.com/?id.340344 https://vuldb.com/?submit.727207

Patch

https://www.sangfor.com/