CVE-2025-12916 | Sangfor Operation and Maintenance Security Management System Frontend /fort/portal_login command injection

Inserito da Angelo Barbosa | Nov 8, 2025 | CVE

A vulnerability, which was classified as critical, has been found in Sangfor Operation and Maintenance Security Management System 3.0. Impacted is an unknown function of the file /fort/portal_login of the component Frontend. This manipulation of the argument loginUrl causes command injection.

This vulnerability appears as CVE-2025-12916. The attack may be initiated remotely. In addition, an exploit is available.

It is advisable to upgrade the affected component.

CVE-2025-12916 | Sangfor Operation and Maintenance Security Management System Frontend /fort/portal_login command injection

Post correlati

CVE-2024-1701 | keerti1924 PHP-MYSQL-User-Login-System 1.0 /edit.php access control

CVE-2024-9939 | File Upload Plugin up to 4.24.13 on WordPress wfu_file_downloader.php path traversal

CVE-2024-10502 | ESAFENET CDG 5 FileDirectoryService.java getOneFileDirectory directoryId sql injection

CVE-2024-8458 | PLANET Technology GS-4210-24P2S Hardware 3.0 cross-site request forgery