{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-44722", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-23T13:06:41.467Z", "dateReserved": "2024-08-21T00:00:00.000Z", "datePublished": "2026-03-20T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-20T13:47:09.934Z"}, "descriptions": [{"lang": "en", "value": "SysAK v2.0 and before is vulnerable to command execution via aaa;cat /etc/passwd."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://gitee.com/anolis/sysak"}, {"url": "https://gist.github.com/0x00dream2/9984c109101c0b1e352f8ee9ad5e40fe#file-cve-2024-44722"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-94", "lang": "en", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-23T13:06:02.576818Z", "id": "CVE-2024-44722", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-23T13:06:41.467Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-44722", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-23T13:06:02.576818Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-23T13:06:32.284Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://gitee.com/anolis/sysak"}, {"url": "https://gist.github.com/0x00dream2/9984c109101c0b1e352f8ee9ad5e40fe#file-cve-2024-44722"}], "descriptions": [{"lang": "en", "value": "SysAK v2.0 and before is vulnerable to command execution via aaa;cat /etc/passwd."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-20T13:47:09.934Z"}}}, "cveMetadata": {"cveId": "CVE-2024-44722", "state": "PUBLISHED", "dateUpdated": "2026-03-23T13:06:41.467Z", "dateReserved": "2024-08-21T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-03-20T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:anolis:sysak:*:*:*:*:*:*:*:*", "matchCriteriaId": "F1DEBF38-E6FA-452C-B283-DB6CADB052C6", "versionEndIncluding": "2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "SysAK v2.0 and before is vulnerable to command execution via aaa;cat /etc/passwd."}, {"lang": "es", "value": "SysAK v2.0 y versiones anteriores son vulnerables a la ejecuci\u00f3n de comandos a trav\u00e9s de \u00abaaa;cat /etc /passwd\u00bb."}], "id": "CVE-2024-44722", "lastModified": "2026-04-14T20:48:22.810", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-20T14:16:13.373", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://gist.github.com/0x00dream2/9984c109101c0b1e352f8ee9ad5e40fe#file-cve-2024-44722"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://gitee.com/anolis/sysak"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,2.0]"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "sysak", "vendor": "anolis"}], "analysis": {"en": {"generated_at": "2026-03-23T15:39:13.700725+00:00", "value": {"mitigation_remediation": ["Apply a vendor patch that removes or secures the \"aaa\" functionality or upgrade to a version newer than 2.0 if available.", "If no patch has yet been released, disable or restrict access to the \"aaa\" command for unauthenticated users.", "Limit exposure by placing the SysAK service behind a firewall and allowing connections only from trusted networks.", "Monitor system logs for suspicious activity involving the \"aaa\" interface and investigate any unexpected command executions promptly."], "summary": {"action": "Immediate Patch", "impact": "Command Injection leading to arbitrary command execution"}, "threat_synthesis": {"affected_systems": "All releases of SysAK up to and including version 2.0 are impacted. The product is named SysAK, and no specific vendor is listed. Administrators should verify that their installation is version 2.0 or earlier and consider it vulnerable.", "description_and_impact": "SysAK contains an input validation flaw in the \"aaa\" function that allows attackers to inject and execute arbitrary shell commands, such as \u201ccat /etc/passwd\u201d. This command\u2011injection weakness (CWE\u201194) can be used to read sensitive files, modify system configuration, or launch further exploitation, effectively compromising the confidentiality, integrity, and availability of the affected host.", "risk_and_exploitability": "The CVSS score of 9.8 denotes critical severity, while an EPSS score of less than 1% suggests that widespread exploitation is not yet common but still possible where the vulnerable interface is exposed. Based on the description, it is inferred that the attacker must be able to trigger the \"aaa\" function with crafted input, which could occur through a network\u2011exposed service or local usage. Successful exploitation would grant the attacker full control of the host without requiring elevated privileges, making this a high\u2011risk issue not yet listed in the CISA KEV catalog."}}}}, "created": "2026-03-23T09:53:34.350681+00:00", "title": "Arbitrary Command Execution via 'aaa' Function in SysAK", "updated": "2026-03-25T14:10:27.868050+00:00", "vendors": ["anolis", "anolis$PRODUCT$sysak"]}