PT-2026-4763 · Apache · Apache Continuum
Published
2026-01-26
·
Updated
2026-01-26
·
CVE-2016-15057
CVSS v3.1
9.9
Critical
| Vector | AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Apache Continuum (affected versions not specified)
Description
The software contains a flaw related to improper neutralization of special elements used in a command, potentially leading to command injection. An attacker gaining access to the installation’s REST API can execute arbitrary commands on the server. The project is no longer supported, and a fix will not be released.
Recommendations
Find an alternative solution.
Restrict access to the instance to trusted users.
Fix
RCE
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apache Continuum