Description
An OS Command Injection vulnerability exists in LMS (LAN Management System) before commit 9fcb4de due to an IP address parameter being passed to the "exec()" function without proper validation, allowing attackers to execute arbitrary operating system commands.
Published: 2026-06-18
Score: 8.6 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is an OS Command Injection: an unvalidated IP address parameter is passed directly to the exec() function, so anything the attacker appends to the address is handed to the operating system along with it. This flaw enables an attacker to run arbitrary operating-system commands, compromising the confidentiality, integrity, and availability of the affected host. The weakness is classified as CWE-78.

Affected Systems

The impacted product is LMS, the LAN Management System. Versions preceding commit 9fcb4de (9fcb4de19b7d76394898dbc124252b86b07ac0ed) are vulnerable. Users running older releases should check the LMS repository or vendor site for the patch commit.

Risk and Exploitability

The CVSS score of 8.6 labels this flaw as high severity. The probability of exploitation is unknown because no EPSS score has been assigned, and the vulnerability is currently not listed in the CISA KEV catalog. The likely attack vector is user input of an IP address through the LMS interface, although the description does not detail authentication requirements. An attacker capable of supplying a crafted parameter could achieve full code execution on the underlying operating system.

Generated by OpenCVE AI on June 18, 2026 at 18:31 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade LMS to a version that includes the fix in commit 9fcb4de
  • Modify the application to validate or sanitize the IP address before it is passed to exec(), or replace exec() with a safer alternative
  • Restrict access to the LMS configuration interface to trusted administrators and enforce network segmentation to limit exposure
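
The second recommended action above (validate the address before it reaches exec(), or stop passing it through a shell at all) is shown below as an added example. This is illustrative code written for this page, not LMS's own code, and it assumes a ping-style probe as the consumer of the address, since the page does not say which command LMS executes. The two defences are independent and complementary: a strict allow-list check accepts only a bare IPv4 or IPv6 address, and the command is built as an argv list with no shell, so even a malformed value could not be parsed as shell syntax.

```python
import ipaddress
import subprocess


def validate_ip(value: str) -> str:
    """Strict allow-list check: accept exactly one IPv4 or IPv6 address.

    ipaddress.ip_address() rejects anything that is not purely an address
    (trailing text, CIDR suffixes, shell metacharacters, empty strings), so
    the canonical string it returns can never carry extra tokens into a
    command. Allow-listing by type is preferable to stripping "bad" characters.
    """
    try:
        return str(ipaddress.ip_address(value.strip()))
    except ValueError as exc:
        raise ValueError(f"rejected: not an IP address: {value!r}") from exc


def build_probe_argv(value: str) -> list[str]:
    """Build the command as an argv list: the address is a single argument,
    never text for a shell to interpret.

    'ping -c 1' is an assumed consumer of the address (the page does not say
    what LMS actually runs); the hardening pattern is the same for any command.
    """
    return ["ping", "-c", "1", validate_ip(value)]


def run_probe(value: str) -> int:
    """Run the probe with shell=False and return its exit status.

    Passing a list with shell=False means no shell is involved, so the
    operating system receives the validated address as one literal argument.
    """
    return subprocess.run(build_probe_argv(value), shell=False, check=False).returncode


if __name__ == "__main__":
    # Constructed sample inputs: two valid addresses and two values that must be rejected.
    for sample in ("192.0.2.10", "2001:db8::1", "192.0.2.10 extra", "not-an-ip"):
        try:
            print("accepted:", build_probe_argv(sample))
        except ValueError as err:
            print(err)
```

The validation step also canonicalises the address (IPv6 is compressed and lower-cased), which is useful for logging and for comparing against allow-lists; the argv step is what closes the injection path regardless of validation, so a fix that only adds one of the two leaves the weaker half in place.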


Advisories

No advisories yet.

History

Thu, 18 Jun 2026 19:30:00 +0000

Type: First Time appeared
  Values removed: (none)
  Values added: Lms; Lms lms
Type: Vendors & Products
  Values removed: (none)
  Values added: Lms; Lms lms

Thu, 18 Jun 2026 16:45:00 +0000

Type: Description
  Values added: An OS Command Injection vulnerability exists in LMS (LAN Management System) before commit 9fcb4de due to an IP address parameter being passed to the "exec()" function without proper validation, allowing attackers to execute arbitrary operating system commands.
Type: Title
  Values added: OS Command Injection in LMS
Type: Weaknesses
  Values added: CWE-78
Type: References
  Values added:
Type: Metrics
  Values added: cvssV4_0

{'score': 8.6, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

MITRE

Status: PUBLISHED

Assigner: CERT-PL

Published:

Updated: 2026-06-18T12:29:40.271Z

Reserved: 2026-04-13T09:36:21.532Z

Link: CVE-2026-40456

Vulnrichment

Updated: 2026-06-18T12:29:35.613Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-18T19:15:02Z

Weaknesses
  • CWE-78

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')