{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-1414", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-01-25T09:50:43.788Z", "datePublished": "2026-01-26T02:02:06.549Z", "dateUpdated": "2026-02-23T08:55:31.161Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-02-23T08:55:31.161Z"}, "title": "Sangfor Operation and Maintenance Security Management System HTTP POST Request get_Information getInformation command injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-77", "lang": "en", "description": "Command Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-74", "lang": "en", "description": "Injection"}]}], "affected": [{"vendor": "Sangfor", "product": "Operation and Maintenance Security Management System", "versions": [{"version": "3.0.0", "status": "affected"}, {"version": "3.0.1", "status": "affected"}, {"version": "3.0.2", "status": "affected"}, {"version": "3.0.3", "status": "affected"}, {"version": "3.0.4", "status": "affected"}, {"version": "3.0.5", "status": "affected"}, {"version": "3.0.6", "status": "affected"}, {"version": "3.0.7", "status": "affected"}, {"version": "3.0.8", "status": "affected"}, {"version": "3.0.9", "status": "affected"}, {"version": "3.0.10", "status": "affected"}, {"version": "3.0.11", "status": "affected"}, {"version": "3.0.12", "status": "affected"}], "modules": ["HTTP POST Request Handler"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This impacts the function getInformation of the file /equipment/get_Information of the component HTTP POST Request Handler. Executing a manipulation of the argument fortEquipmentIp can lead to command injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-01-25T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-01-25T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-01-31T07:44:08.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "hhsw34 (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.342803", "name": "VDB-342803 | Sangfor Operation and Maintenance Security Management System HTTP POST Request get_Information getInformation command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.342803", "name": "VDB-342803 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.736524", "name": "Submit #736524 | Sangfor Operation and Maintenance Security Management System (OSM / \u8fd0\u7ef4\u5b89\u5168\u7ba1\u7406\u7cfb\u7edf) v3.0.12 Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://github.com/LX-LX88/cve/issues/24", "tags": ["broken-link", "exploit", "issue-tracking"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-26T17:26:59.907396Z", "id": "CVE-2026-1414", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-26T17:27:09.368Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-1414", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-26T17:26:59.907396Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-26T17:27:03.090Z"}}], "cna": {"title": "Sangfor Operation and Maintenance Security Management System HTTP POST Request get_Information getInformation command injection", "credits": [{"lang": "en", "type": "reporter", "value": "hhsw34 (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "Sangfor", "modules": ["HTTP POST Request Handler"], "product": "Operation and Maintenance Security Management System", "versions": [{"status": "affected", "version": "3.0.0"}, {"status": "affected", "version": "3.0.1"}, {"status": "affected", "version": "3.0.2"}, {"status": "affected", "version": "3.0.3"}, {"status": "affected", "version": "3.0.4"}, {"status": "affected", "version": "3.0.5"}, {"status": "affected", "version": "3.0.6"}, {"status": "affected", "version": "3.0.7"}, {"status": "affected", "version": "3.0.8"}, {"status": "affected", "version": "3.0.9"}, {"status": "affected", "version": "3.0.10"}, {"status": "affected", "version": "3.0.11"}, {"status": "affected", "version": "3.0.12"}]}], "timeline": [{"lang": "en", "time": "2026-01-25T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-01-25T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-01-31T07:44:08.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.342803", "name": "VDB-342803 | Sangfor Operation and Maintenance Security Management System HTTP POST Request get_Information getInformation command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.342803", "name": "VDB-342803 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.736524", "name": "Submit #736524 | Sangfor Operation and Maintenance Security Management System (OSM / \u8fd0\u7ef4\u5b89\u5168\u7ba1\u7406\u7cfb\u7edf) v3.0.12 Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://github.com/LX-LX88/cve/issues/24", "tags": ["broken-link", "exploit", "issue-tracking"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This impacts the function getInformation of the file /equipment/get_Information of the component HTTP POST Request Handler. Executing a manipulation of the argument fortEquipmentIp can lead to command injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "Command Injection"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-74", "description": "Injection"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-02-23T08:55:31.161Z"}}}, "cveMetadata": {"cveId": "CVE-2026-1414", "state": "PUBLISHED", "dateUpdated": "2026-02-23T08:55:31.161Z", "dateReserved": "2026-01-25T09:50:43.788Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-01-26T02:02:06.549Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sangfor:operation_and_maintenance_security_management_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2514FE4-F7D8-46CC-9ACF-FC9B7433599F", "versionEndIncluding": "3.0.12", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This impacts the function getInformation of the file /equipment/get_Information of the component HTTP POST Request Handler. Executing a manipulation of the argument fortEquipmentIp can lead to command injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized."}, {"lang": "es", "value": "Se determin\u00f3 una vulnerabilidad en el Sistema de Gesti\u00f3n de Seguridad de Operaci\u00f3n y Mantenimiento de Sangfor hasta la versi\u00f3n 3.0.12. Esto afecta a la funci\u00f3n getInformation del archivo /equipment/get_Information del componente HTTP POST Request Handler. La ejecuci\u00f3n de una manipulaci\u00f3n del argumento fortEquipmentIp puede conducir a una inyecci\u00f3n de comandos. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado p\u00fablicamente y puede ser utilizado."}], "id": "CVE-2026-1414", "lastModified": "2026-04-29T01:00:01.613", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 2.1, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-01-26T03:15:49.587", "references": [{"source": "cna@vuldb.com", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://github.com/LX-LX88/cve/issues/24"}, {"source": "cna@vuldb.com", "tags": ["Permissions Required", "VDB Entry"], "url": "https://vuldb.com/?ctiid.342803"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?id.342803"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?submit.736524"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-77"}], "source": "cna@vuldb.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-77"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T02:47:20.465082+00:00", "value": {"mitigation_remediation": ["Upgrade the Sangfor Operation and Maintenance Security Management System to any version newer than 3.0.12 where the command injection bug has been fixed.", "Restrict network access to the /equipment/get_Information endpoint, for example by limiting the IP range or enforcing strict authentication before allowing POST requests.", "Implement server-side input validation and sanitization for the fortEquipmentIp parameter to eliminate potential command injection vectors."], "summary": {"action": "Apply Patch", "impact": "Remote Command Execution"}, "threat_synthesis": {"affected_systems": "Sangfor Operation and Maintenance Security Management System versions up to and including 3.0.12 are impacted. No specific service pack or build identifiers are listed beyond the major version boundary.", "description_and_impact": "An attacker can exploit a command injection flaw in the getInformation function of the HTTP POST handler by manipulating the fortEquipmentIp argument. The flaw allows execution of arbitrary system commands on the underlying server, leading to full compromise of confidentiality, integrity, and availability of the affected device.", "risk_and_exploitability": "The CVSS base score of 5.3 indicates a moderate risk, but the EPSS score is below 1%, suggesting a low likelihood of exploitation in the wild. The vulnerability is not currently recorded in the CISA KEV catalog. An attacker can launch the exploit remotely via an HTTP POST request to /equipment/get_Information, making the attack straightforward for anyone with network access to the system."}}}}, "created": "2026-01-26T11:48:01.133248+00:00", "updated": "2026-04-18T03:00:10.311826+00:00", "vendors": ["sangfor", "sangfor$PRODUCT$operation_and_maintenance_security_management_system"]}