CGM CLININET Code Injection Vulnerability

Vulnerability

A code injection vulnerability exists in CGM CLININET within the endpoints '/cgi-bin/CliniNET.prd/utils/usrlogstat_simple.pl', '/cgi-bin/CliniNET.prd/utils/usrlogstat.pl', '/cgi-bin/CliniNET.prd/utils/userlogstat2.pl', and '/cgi-bin/CliniNET.prd/utils/dblogstat.pl'. The vulnerability arises because the parameters in these endpoints are not properly normalized, allowing for malicious code to be injected and potentially executed.

Impact

Exploitation of this vulnerability allows for code injection, where an attacker can introduce and execute arbitrary code on the server.

Added: Mar 2, 2026, 12:19 PM

Updated: Mar 2, 2026, 12:19 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.4

remediation

0.0

relevance

3.7

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.4

remediation

0.0

relevance

3.7

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

CGM CLININET Code Injection Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating