PT-2026-4733 · Unknown · Wellchoose Single Sign-On Portal System

Yucheng Lin

Publicado

2026-01-26

Atualizado

2026-03-11

CVE-2026-1428

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions WellChoose Single Sign-On Portal System (affected versions not specified)

Description The WellChoose Single Sign-On Portal System contains an OS Command Injection issue. Authenticated remote attackers can inject arbitrary OS commands and execute them on the server. The issue allows for the injection of commands, potentially granting attackers unauthorized access and control over the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

OS Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-78

Identificadores relacionados

CVE-2026-1428

Produtos afetados

Wellchoose Single Sign-On Portal System

PT-2026-4733 · Unknown · Wellchoose Single Sign-On Portal System

CVE-2026-1428

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 13