NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-12104

Summary	OS command injection in the environment and tunnel configuration functionality in SIMA GmbH Bondix through version 1.25.7.5 on Linux allows an authenticated attacker with configuration write access to execute arbitrary operating-system commands via crafted configuration values passed to server-side scripts.
Publication Date	June 19, 2026, 11:16 p.m.
Registration Date	June 27, 2026, 4:04 a.m.
Last Update	June 23, 2026, 5:16 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://wiki.bondix.dev/wiki/Downloads#Release_Notes	vulnerability@ncsc.ch
2	https://wiki.bondix.dev/wiki/Security_Advisories#CVE-2026-12104_%E2%80%94_Authenticated_OS_Command_Injection_in_Bondix	vulnerability@ncsc.ch

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-78	OSコマンド・インジェクション	https://cwe.mitre.org/data/definitions/78.html