Skip to main content

R-SOFT DMS CVE-2026-41880

| EUVDEUVD-2026-42855 CRITICAL
OS Command Injection (CWE-78)
2026-07-10 cvd@cert.pl GHSA-p8q4-pvx5-wjx2
9.0
CVSS 4.0 · Vendor: cert
Share

Severity by source

Vendor (cert) PRIMARY
9.0 CRITICAL
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from Vendor (cert) · only source for this CVE.

CVSS VectorVendor: cert

CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

2
CVE Published
Jul 10, 2026 - 10:39 cve.org
CRITICAL 9.0
Analysis Generated
Jul 10, 2026 - 10:37 vuln.today

DescriptionCVE.org

R-SOFT DMS is vulnerable to OS Command Injection in the Optical Character Recognition (OCR) module. Multiple command execution functions accept user-controllable file paths without proper sanitization before passing them to the system shell via SSH. In current infrastructure the URL encoding neutralizes the injection during the standard web upload flow. An authenticated attacker who is able to trigger the OCR functionality for the uploaded file can execute OS commands within the context of a root user.

This issue was fixed in version v3.19-2862 and v3.17-2580.

AnalysisAI

OS command injection as root in the R-SOFT DMS Optical Character Recognition (OCR) module lets an authenticated attacker run arbitrary shell commands. Multiple OCR command-execution functions accept user-controllable file paths and pass them unsanitized to the system shell over SSH, yielding full root-level compromise of the document management server. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-41880 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy