CNNVD-202601-3825 Information

Jan 22, 2026 cve

CNNVD ID

CNNVD-202601-3825

CVE-2026-1324

CNNVD Published: 2026-01-22

Description (Chinese)

Sangfor Operation and Maintenance Management System是中国深信服（Sangfor）公司的一款运维管理系统。 Sangfor Operation and Maintenance Management System 3.0.12及之前版本存在操作系统命令注入漏洞，该漏洞源于对文件/isomp-protocol/protocol/session中参数keypassword的错误操作，可能导致os命令注入。

Description (English)

The Sangfor Operation and Community Management System is a transport management system that China is convinced of. There is a loophole in the operating system commands of Sangfor Operation and Management System 3.0.12 and previous versions, which stems from the mishandling of the parameter keypassword in the document/somp-protocol/protocol/session, which may lead to an Os command injection.

Hazard Level

Medium

Vulnerability Type

操作系统命令注入

Affected Vendor

深信服

Published

2026-01-22

Last Modified

2026-02-24

References

https://github.com/LX-LX88/cve/issues/20 https://vuldb.com/?ctiid.342300 https://vuldb.com/?id.342300 https://vuldb.com/?submit.735716

Share on: