PT-2026-43016 · Dtstack · Taier

Fakebug

·

Published

2026-05-25

·

Updated

2026-05-25

·

CVE-2026-9437

CVSS v2.0

6.5

Medium

VectorAV:N/AC:L/Au:S/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions DTStack Taier version 1.4.0
Description An OS command injection issue exists in the REST API component. Remote attackers can exploit this by manipulating the sqlText argument passed to the Runtime.exec() function.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Command Injection

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-9437

Affected Products

Taier