CVE-2026-4170
OS Command Injection in Topsec TopACM HTTP Request Handler
Publication date: 2026-03-16
Last updated on: 2026-03-16
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| topsec_technologies_inc. | topacm | 3.0 |
| topsec | topacm | 3.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-77 | The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. |
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by searching for the URL pattern in your network or system logs that matches the vulnerable endpoint: /view/systemConfig/management/nmc_sync.php.
One detection method is to look for HTTP requests that include the argument template_path being manipulated or suspiciously crafted, as this is the injection point.
Google hacking techniques can be used to locate vulnerable targets by searching for URLs containing inurl:view/systemConfig/management/nmc_sync.php.
While no specific detection commands are provided, monitoring HTTP request logs for unusual or unexpected commands injected via the template_path parameter is recommended.
What immediate steps should I take to mitigate this vulnerability?
No known mitigations or countermeasures have been published by the vendor for this vulnerability.
It is suggested to consider replacing the affected product, Topsec TopACM version 3.0, with an alternative solution to avoid exposure.
As an immediate step, restrict access to the vulnerable endpoint /view/systemConfig/management/nmc_sync.php if possible, such as by network segmentation or firewall rules, to reduce exposure.
Monitor your systems closely for any signs of exploitation, given that a public exploit is available and the vulnerability can be exploited remotely without authentication.
Can you explain this vulnerability to me?
CVE-2026-4170 is a critical OS command injection vulnerability found in Topsec TopACM version 3.0, specifically in the HTTP Request Handler component within the file /view/systemConfig/management/nmc_sync.php.
The vulnerability arises because the argument template_path is improperly handled, allowing an attacker to inject and execute arbitrary operating system commands remotely without any authentication.
This means an attacker can send specially crafted HTTP requests to this endpoint and execute shell commands on the affected server.
The vulnerability corresponds to CWE-78, where external input is used to construct OS commands without proper neutralization, leading to command injection.
How can this vulnerability impact me? :
Exploitation of this vulnerability can lead to severe impacts including full system compromise.
- Attackers can execute arbitrary OS commands remotely without authentication.
- It can result in sensitive data exfiltration.
- Attackers may gain persistent control over the affected host server.
- The vulnerability impacts confidentiality, integrity, and availability of the system.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know