PT-2026-4732 · Unknown · Wellchoose Single Sign-On Portal System+1

Yucheng Lin

Publicado

2026-01-26

Atualizado

2026-03-12

CVE-2026-1427

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions WellChoose Single Sign-On Portal System (affected versions not specified) WellChoose Organization Portal System (affected versions not specified)

Description An OS Command Injection issue exists in the WellChoose Portal Systems, potentially allowing authenticated remote attackers to inject and execute arbitrary OS commands on the server. The affected systems include both the Single Sign-On Portal System and the Organization Portal System. The issue allows for the execution of commands, potentially leading to system compromise.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

OS Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-78

Identificadores relacionados

CVE-2026-1427

Produtos afetados

Wellchoose Organization Portal System

Wellchoose Single Sign-On Portal System

PT-2026-4732 · Unknown · Wellchoose Single Sign-On Portal System+1

CVE-2026-1427

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 14