top of page
perceptive_background_267k.jpg

NewSoftOA developed by NewSoft has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute t…

Published:

20 april 2026 om 22:00:00

Alert date:

21 april 2026 om 07:08:02

Source:

nvd.nist.gov

Click to open the original link from this advisory

Enterprise Applications

NewSoftOA developed by NewSoft contains an OS Command Injection vulnerability that allows unauthenticated local attackers to inject and execute arbitrary OS commands on the server. This critical vulnerability affects the NewSoftOA application and poses significant security risks due to the potential for complete system compromise through command execution capabilities.

Technical details

Mitigation steps:

Affected products:

NewSoftOA

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-5965
https://www.twcert.org.tw/en/cp-139-10857-c46f7-2.html
https://www.twcert.org.tw/tw/cp-132-10856-4979f-1.html

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page