What is the CVSS score of CVE-2025-15500?

CVE-2025-15500 has a CVSS 3.1 base score of 9.8 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.3%.

Which versions of Operation And Maintenance Management System are affected by CVE-2025-15500?

Organizations using Sangfor Operation and Maintenance Management System face critical risk from CVE-2025-15500, a command injection vulnerability rated CVSS 9.8.

Is there a public PoC exploit available for CVE-2025-15500?

Yes, a public proof-of-concept exploit is available for CVE-2025-15500. Prioritise patching immediately. EPSS: 0.3%.

How to fix or mitigate CVE-2025-15500?

Within 24 hours: Identify all affected systems running Sangfor Operation and Maintenance Management System and apply vendor patches immediately. Validate that input sanitization is in place for all user-controlled parameters.

Operation And Maintenance Management System CVE-2025-15500

CRITICAL

Command Injection (CWE-77)

2026-01-09 cna@vuldb.com

Command Injection Operation And Maintenance Management System

9.8

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

9.8 CRITICAL

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

PoC Detected

Jan 22, 2026 - 21:49 vuln.today

Public exploit code

CVE Published

Jan 09, 2026 - 22:15 nvd

CRITICAL 9.8

DescriptionCVE.org

A vulnerability was found in Sangfor Operation and Maintenance Management System up to 3.0.8. This issue affects some unknown processing of the file /isomp-protocol/protocol/getHis of the component HTTP POST Request Handler. The manipulation of the argument sessionPath results in os command injection. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Sangfor Operation and Maintenance Management System (through 3.0.8) has OS command injection in /isomp-protocol/protocol/getHis via the sessionPath parameter. Public exploit available, vendor unresponsive.

Technical ContextAI

The sessionPath parameter in the HTTP POST handler for /isomp-protocol/protocol/getHis is used in an OS command without sanitization (CWE-77). The public exploit makes this trivially exploitable.

RemediationAI

Restrict access to the management interface. Contact Sangfor for patches. Consider alternative management solutions if the vendor remains unresponsive.

CVE-2025-15500 vulnerability details – vuln.today

Back

Operation And Maintenance Management System CVE-2025-15500

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code