CVE-2026-1427
OS Command Injection in WellChoose Organization Portal Allows Remote Execution
Publication date: 2026-01-26
Last updated on: 2026-03-11
Assigner: TWCERT/CC
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wellchoose | single_sign-on_portal_system | to iftop_p4_181 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-1427 is an OS Command Injection vulnerability in the Organization Portal System developed by WellChoose. It allows authenticated remote attackers to inject and execute arbitrary operating system commands on the server, potentially compromising the system. This means that an attacker who has valid credentials can run malicious commands on the server, leading to serious security risks. [1, 2]
How can this vulnerability impact me? :
This vulnerability can have a high impact on confidentiality, integrity, and availability of the affected system. An attacker can execute arbitrary OS commands remotely, which may lead to unauthorized data access, data modification, or disruption of services. Because the attack requires only low privileges and no user interaction, it poses a significant risk to the security and stability of the server. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to update the affected systems (Electronic Catalog Service System and Single Sign-On Portal System) to version IFTOP_P4_181 or later. [1, 2]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.