CVE-2024-6917
CRITICALVeribase Order Management < 4.010.2 - OS Command Injection
Title source: llmDescription
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Veribilim Software Veribase Order Management allows OS Command Injection. This issue affects Veribase Order Management: before v4.010.2.
References (2)
Core 2
Core References
Third Party Advisory government-resource
broken-link
https://www.usom.gov.tr/bildirim/tr-24-1105
Government Resource government-resource
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-1105
Scores
CVSS v3
9.8
EPSS
0.0131
EPSS Percentile
66.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-78
Status
published
Products (2)
veribase/order_management
< 4.010.2
Veribilim Software/Veribase Order Management
< v4.010.2
Published
Aug 12, 2024
Tracked Since
Feb 18, 2026