baserCMS OS Command Injection Vulnerability in Update Functionality

Vulnerability

A command injection vulnerability has been identified in baserCMS versions through 5.2.2, allowing authenticated users with administrator privileges to execute arbitrary operating system commands on the server. This vulnerability arises in the core update functionality and has been patched in version 5.2.3.

Impact

Exploitation of this vulnerability allows for arbitrary OS command execution on the server, with the same privileges as the user account running baserCMS.

Remediation

Users are advised to update to baserCMS version 5.2.3.

Added: Mar 31, 2026, 1:22 AM
Updated: Mar 31, 2026, 1:22 AM

Vulnerability Rating

Custom Algorithm

spread: 3.4
impact: 10.0
exploitability: 5.0
remediation: 7.7
relevance: 5.0
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.