ГлавнаяУязвимости → CVE-2026-31386
7.2высокая

CVE-2026-31386

Описание

OpenLiteSpeed and LSWS Enterprise provided by LiteSpeed Technologies contain an OS command injection vulnerability. An arbitrary OS command may be executed by an attacker with the administrative privilege.

Затрагиваемое ПО
Litespeedtech Litespeed web serverLitespeedtech Openlitespeed
CVSS
Балл7.2 — высокая
ВекторCVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Источники
https://jvn.jp/en/jp/JVN22152812/https://openlitespeed.org/https://www.litespeedtech.com/products/litespeed-web-server