SysAK Command Execution Vulnerability

Vulnerability

A command execution vulnerability exists in SysAK versions through 2.0. The issue allows arbitrary command execution by injecting commands that are executed in the context of the application. For example, appending 'aaa;cat /etc/passwd' to a vulnerable input can be used to read the contents of the passwd file.

Impact

Exploitation of this vulnerability allows for arbitrary command execution on the server where SysAK is running.

Added: Mar 20, 2026, 2:25 PM

Updated: Mar 20, 2026, 2:25 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

8.1

remediation

0.0

relevance

4.2

threat

3.2

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

8.1

remediation

0.0

relevance

4.2

threat

3.2

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SysAK Command Execution Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating