ImpressCMS Remote Code Execution Vulnerability in Autotasks Administrative Interface

Vulnerability

A remote code execution vulnerability has been identified in ImpressCMS version 1.4.2, specifically within the autotasks administrative interface. This vulnerability allows authenticated attackers to execute arbitrary PHP code by injecting malicious code into the sat_code parameter. Exploitation involves authenticating and sending a POST request to /modules/system/admin.php?fct=autotasks&op=mod with a crafted sat_code that includes PHP commands. This action creates an executable file that can accept arbitrary commands via GET parameters.

Impact

Exploitation of this vulnerability allows for remote code execution on the server where ImpressCMS is hosted.

Reproduction

To reproduce this vulnerability, an authenticated user must send a POST request to the autotasks administrative interface with a crafted sat_code parameter that includes PHP code. Once the request is processed, the injected code is executed on the server.

Added: May 10, 2026, 1:36 PM
Updated: May 10, 2026, 1:36 PM

Vulnerability Rating

Custom Algorithm

spread: 2.2
impact: 7.5
exploitability: 8.2
remediation: 0.0
relevance: 7.9
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.