Medium severity6.3NVD Advisory· Published Jan 26, 2026· Updated Apr 29, 2026
CVE-2026-1413
CVE-2026-1413
Description
A vulnerability was found in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This affects the function portValidate of the file /fort/ip_and_port/port_validate of the component HTTP POST Request Handler. Performing a manipulation of the argument port results in command injection. The attack can be initiated remotely. The exploit has been made public and could be used.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:sangfor:operation_and_maintenance_security_management_system:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:sangfor:operation_and_maintenance_security_management_system:*:*:*:*:*:*:*:*range: <=3.0.12
- (no CPE)range: <=3.0.12
Patches
Vulnerability mechanics
References
4- github.com/LX-LX88/cve/issues/23nvdIssue TrackingThird Party Advisory
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdPermissions RequiredVDB Entry
News mentions
0No linked articles in our index yet.