CGM CLININET Code Injection Vulnerability

Vulnerability

A code injection vulnerability has been identified in CGM CLININET software, affecting all versions prior to 2024.MS4.33. The vulnerability arises in the RunCommand function, which accepts any parameter and executes it in the shell, allowing attackers to execute arbitrary code on the system.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the affected system.

Added: Aug 27, 2025, 11:21 AM

Updated: Aug 27, 2025, 11:21 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.4

remediation

0.0

relevance

0.4

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.4

remediation

0.0

relevance

0.4

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

CGM CLININET Code Injection Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating