CVE-2026-38615
CRITICAL
9,8
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
Description
AI Translation Available
DedeCMS V5.7.118 is vulnerable to Command Execution in file_manage_control.php.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0009
Percentile
0,2th
Updated
EPSS Score Trend (Last 6 Days)
78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
StableCommon Consequences
Security Scopes Affected:
Confidentiality
Integrity
Availability
Non-Repudiation
Potential Impacts:
Execute Unauthorized Code Or Commands
Dos: Crash, Exit, Or Restart
Read Files Or Directories
Modify Files Or Directories
Read Application Data
Modify Application Data
Hide Activities
Applicable Platforms
Technologies:
Not Technology-Specific, AI/ML, Web Server
https://github.com/Bul11et/CMS/blob/main/1.docx
https://github.com/Bul11et/CMS/blob/main/1.docx