Skip to main content

Canias ERP CVE-2026-8217

| EUVDEUVD-2026-28953 LOW
OS Command Injection (CWE-78)
2026-05-10 VulDB GHSA-25r6-gqj3-prpr
2.1
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.1 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

4
Analysis Generated
May 10, 2026 - 02:29 vuln.today
Severity Changed
May 10, 2026 - 02:22 NVD
MEDIUM LOW
CVSS changed
May 10, 2026 - 02:22 NVD
6.3 (MEDIUM) 2.1 (LOW)
CVE Published
May 10, 2026 - 01:15 nvd
LOW 2.1

DescriptionCVE.org

A security flaw has been discovered in Industrial Application Software IAS Canias ERP 8.03. Impacted is the function Runtime.getRuntime.exec of the component RMI Interface. Performing a manipulation of the argument troiaCode results in os command injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

OS command injection via Runtime.getRuntime.exec in Canias ERP 8.03 RMI Interface allows authenticated remote attackers to execute arbitrary operating system commands by manipulating the troiaCode argument. The vulnerability carries low confidentiality, integrity, and availability impact (CVSS 2.1), but publicly available exploit code exists and the vendor has not responded to early disclosure.

Technical ContextAI

Canias ERP exposes a Java Remote Method Invocation (RMI) interface that includes a Runtime.getRuntime.exec method. The troiaCode parameter passed to this method is not properly sanitized before being used in OS command execution, violating CWE-78 (Improper Neutralization of Special Elements used in an OS Command). The RMI component allows network-accessible method invocation with authentication, making this a remote vector despite the low impact rating. The underlying flaw is insufficient input validation on a parameter that directly influences command construction.

RemediationAI

No vendor-released patch identified at time of analysis due to vendor non-response. Primary mitigations are network-level and access controls: (1) Restrict network access to RMI ports (typically 1099 or custom-configured) using firewall rules to trusted administrative hosts only - this eliminates the remote attack vector despite the network CVSS rating. (2) Enforce strong authentication credentials for Canias ERP and revoke default accounts; monitor RMI connection logs for unauthorized access attempts. (3) Implement application-level input validation and filtering on the troiaCode parameter if Canias ERP configuration permits, or file a support request with the vendor (Industrial Application Software IAS) requesting a patched version and security acknowledgment. (4) Monitor outbound OS commands from the Canias ERP application process using endpoint detection and response (EDR) or command-line auditing (auditd on Linux, Event ID 4688 on Windows) to detect exploitation attempts. Given vendor non-responsiveness, organizations should evaluate upgrading to a successor ERP product if long-term patching and support are required. References: VulDB #362434 (https://vuldb.com/vuln/362434), exploit PoC at https://gist.github.com/0xb1lal/6ccc2356e7e0a26f7b8a6bd6f0d84bbb.

Share

CVE-2026-8217 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy