Description
Single Sign-On Portal System developed by WellChoose has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.
Published: 2026-01-26
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

The vulnerability is an OS Command Injection (CWE‑78) that allows an authenticated remote attacker to inject and execute arbitrary operating‑system commands on the WellChoose Single Sign‑On Portal System. This flaw can lead to complete compromise of the server, allowing the attacker to read, modify, or delete data, or to pivot to other systems. The impact is broad, affecting the confidentiality, integrity and availability of all data processed by the portal.

Affected Systems

WellChoose Single Sign‑On Portal System is affected. The CVE payload does not specify affected versions, so the affected version range is unknown. The vendor recommends updating to IFTOP_P4_181 or later to mitigate the issue.

Risk and Exploitability

The CVSS score of 8.7 indicates a high-severity flaw. The EPSS score is below 1%, suggesting a low likelihood of active exploitation in the near term, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires authentication, so the attacker must first gain legitimate access to the portal. Once authenticated, the attacker can inject commands that run with the full privileges of the portal service, making this a severe remote code execution risk.

Generated by OpenCVE AI on April 18, 2026 at 18:51 UTC.

Remediation

Vendor Solution

Update to version IFTOP_P4_181 or later.


OpenCVE Recommended Actions

  • Apply the vendor‑issued update to IFTOP_P4_181 or later.
  • Restrict network access to the Single Sign‑On Portal System to trusted IP ranges and enforce strong authentication.
  • Implement log monitoring for anomalous command execution and block any suspicious traffic.

Advisories

No advisories yet.

History

Wed, 11 Mar 2026 23:00:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Wellchoose single Sign-on Portal System |
| CPEs | | cpe:2.3:a:wellchoose:single_sign-on_portal_system:*:*:*:*:*:*:*:* |
| Vendors & Products | | Wellchoose single Sign-on Portal System |

Tue, 27 Jan 2026 20:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Wellchoose; Wellchoose single Sign On Portal System |
| Vendors & Products | | Wellchoose; Wellchoose single Sign On Portal System |

Mon, 26 Jan 2026 14:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'} |

Mon, 26 Jan 2026 08:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | Single Sign-On Portal System developed by WellChoose has a OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server. |
| Title | | WellChoose\|Single Sign-On Portal System - OS Command Injection |
| Weaknesses | | CWE-78 |
| References | | |
| Metrics | | cvssV3_1: {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'} |
| | | cvssV4_0: {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'} |

MITRE

Status: PUBLISHED

Assigner: twcert

Published:

Updated: 2026-01-26T14:04:40.424Z

Reserved: 2026-01-26T07:21:59.002Z

Link: CVE-2026-1428

Vulnrichment

Updated: 2026-01-26T14:04:36.544Z

NVD

Status: Analyzed

Published: 2026-01-26T09:15:47.433

Modified: 2026-03-11T22:50:28.113

Link: CVE-2026-1428

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T19:00:08Z

Weaknesses