Primary

Context

baserCMS OS Command Injection Vulnerability in Installer

Vulnerability

Patched

A command injection vulnerability allowing the execution of arbitrary OS commands has been identified in the baserCMS installer, affecting versions through 5.2.2. This vulnerability can be exploited if baserCMS is uploaded to a server but not yet installed.

Impact

Exploitation of this vulnerability allows for arbitrary OS command execution on the server where baserCMS is hosted.

Remediation

Users are advised to update to baserCMS version 5.2.3 or later.

Added: Mar 31, 2026, 1:20 AM

Updated: Mar 31, 2026, 1:20 AM

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

10.0

exploitability

7.9

remediation

7.7

relevance

5.0

threat

0.0

urgency

2.9

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

10.0

exploitability

7.9

remediation

7.7

relevance

5.0

threat

0.0

urgency

2.9

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

baserCMS OS Command Injection Vulnerability in Installer

Vulnerability

Impact

Remediation

Affected Products

baserCMS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating