Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for sonic-agent by SonicCloudOrg

    CVE-2026-15497 (GCVE-0-2026-15497)

    Vulnerability from nvd – Published: 2026-07-12 11:15 – Updated: 2026-07-12 11:15 Unsupported When Assigned
    VLAI
    Title
    SonicCloudOrg sonic-agent JWT Authentication Filter ExchangeController.java code injection
    Summary
    A vulnerability was determined in SonicCloudOrg sonic-agent up to 2.7.2. This affects an unknown function of the file sonic-server-controller/src/main/java/org/cloud/sonic/controller/controller/ExchangeController.java of the component JWT Authentication Filter. This manipulation causes code injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. This vulnerability only affects products that are no longer supported by the maintainer.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    SonicCloudOrg sonic-agent Affected: 2.7.0
    Affected: 2.7.1
    Affected: 2.7.2
        cpe:2.3:a:soniccloudorg:sonic-agent:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    xpp39 (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:soniccloudorg:sonic-agent:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "JWT Authentication Filter"
              ],
              "product": "sonic-agent",
              "vendor": "SonicCloudOrg",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.7.0"
                },
                {
                  "status": "affected",
                  "version": "2.7.1"
                },
                {
                  "status": "affected",
                  "version": "2.7.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "xpp39 (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was determined in SonicCloudOrg sonic-agent up to 2.7.2. This affects an unknown function of the file sonic-server-controller/src/main/java/org/cloud/sonic/controller/controller/ExchangeController.java of the component JWT Authentication Filter. This manipulation causes code injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. This vulnerability only affects products that are no longer supported by the maintainer."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "Code Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-12T11:15:07.681Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-377804 | SonicCloudOrg sonic-agent JWT Authentication Filter ExchangeController.java code injection",
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/vuln/377804"
            },
            {
              "name": "VDB-377804 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/377804/cti"
            },
            {
              "name": "CVE-2026-15497 | CVE Analysis and Report",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/cve/CVE-2026-15497"
            },
            {
              "name": "Submit #844486 | SonicCloudOrg SonicServer 2.7.2 Code Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/844486"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/xpp3901/CVE_APPLY/blob/main/V-S001_SonicCloudPlatform_Unauth_ExchangeSend"
            }
          ],
          "tags": [
            "unsupported-when-assigned"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-11T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-07-11T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-07-11T14:29:12.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "SonicCloudOrg sonic-agent JWT Authentication Filter ExchangeController.java code injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-15497",
        "datePublished": "2026-07-12T11:15:07.681Z",
        "dateReserved": "2026-07-11T12:24:01.571Z",
        "dateUpdated": "2026-07-12T11:15:07.681Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15496 (GCVE-0-2026-15496)

    Vulnerability from nvd – Published: 2026-07-12 11:00 – Updated: 2026-07-12 11:00 Unsupported When Assigned
    VLAI
    Title
    SonicCloudOrg sonic-agent Groovy Script GroovyScriptImpl.java evalIsFailed os command injection
    Summary
    A vulnerability was found in SonicCloudOrg sonic-agent up to 2.7.2. The impacted element is the function evalIsFailed of the file sonic-agent/src/main/java/org/cloud/sonic/agent/tests/script/GroovyScriptImpl.java of the component Groovy Script Handler. The manipulation results in os command injection. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. This vulnerability only affects products that are no longer supported by the maintainer.
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/vuln/377803 vdb-entrytechnical-description
    https://vuldb.com/vuln/377803/cti signaturepermissions-required
    https://vuldb.com/cve/CVE-2026-15496 third-party-advisory
    https://vuldb.com/submit/844485 third-party-advisory
    https://github.com/xpp3901/CVE_APPLY/tree/main/V-… exploit
    Impacted products
    Vendor Product Version
    SonicCloudOrg sonic-agent Affected: 2.7.0
    Affected: 2.7.1
    Affected: 2.7.2
        cpe:2.3:a:soniccloudorg:sonic-agent:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    xpp39 (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:soniccloudorg:sonic-agent:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "Groovy Script Handler"
              ],
              "product": "sonic-agent",
              "vendor": "SonicCloudOrg",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.7.0"
                },
                {
                  "status": "affected",
                  "version": "2.7.1"
                },
                {
                  "status": "affected",
                  "version": "2.7.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "xpp39 (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in SonicCloudOrg sonic-agent up to 2.7.2. The impacted element is the function evalIsFailed of the file sonic-agent/src/main/java/org/cloud/sonic/agent/tests/script/GroovyScriptImpl.java of the component Groovy Script Handler. The manipulation results in os command injection. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. This vulnerability only affects products that are no longer supported by the maintainer."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "OS Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-12T11:00:07.400Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-377803 | SonicCloudOrg sonic-agent Groovy Script GroovyScriptImpl.java evalIsFailed os command injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/377803"
            },
            {
              "name": "VDB-377803 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/377803/cti"
            },
            {
              "name": "CVE-2026-15496 | CVE Analysis and Report",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/cve/CVE-2026-15496"
            },
            {
              "name": "Submit #844485 | SonicCloudOrg SonicServer 2.7.2 Code Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/844485"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/xpp3901/CVE_APPLY/tree/main/V-S002_SonicCloudPlatform_Groovy_Unsandboxed_RCE"
            }
          ],
          "tags": [
            "unsupported-when-assigned"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-11T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-07-11T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-07-11T14:29:09.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "SonicCloudOrg sonic-agent Groovy Script GroovyScriptImpl.java evalIsFailed os command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-15496",
        "datePublished": "2026-07-12T11:00:07.400Z",
        "dateReserved": "2026-07-11T12:23:57.456Z",
        "dateUpdated": "2026-07-12T11:00:07.400Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15495 (GCVE-0-2026-15495)

    Vulnerability from nvd – Published: 2026-07-12 10:45 – Updated: 2026-07-12 10:45 Unsupported When Assigned
    VLAI
    Title
    SonicCloudOrg sonic-agent Android WebSocket Server AndroidWSServer.java os command injection
    Summary
    A vulnerability has been found in SonicCloudOrg sonic-agent up to 2.7.2. The affected element is an unknown function of the file AndroidWSServer.java of the component Android WebSocket Server. The manipulation of the argument path leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. This vulnerability only affects products that are no longer supported by the maintainer.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    SonicCloudOrg sonic-agent Affected: 2.7.0
    Affected: 2.7.1
    Affected: 2.7.2
        cpe:2.3:a:soniccloudorg:sonic-agent:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    xpp39 (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:soniccloudorg:sonic-agent:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "Android WebSocket Server"
              ],
              "product": "sonic-agent",
              "vendor": "SonicCloudOrg",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.7.0"
                },
                {
                  "status": "affected",
                  "version": "2.7.1"
                },
                {
                  "status": "affected",
                  "version": "2.7.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "xpp39 (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been found in SonicCloudOrg sonic-agent up to 2.7.2. The affected element is an unknown function of the file AndroidWSServer.java of the component Android WebSocket Server. The manipulation of the argument path leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. This vulnerability only affects products that are no longer supported by the maintainer."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "OS Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-12T10:45:07.442Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-377802 | SonicCloudOrg sonic-agent Android WebSocket Server AndroidWSServer.java os command injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/377802"
            },
            {
              "name": "VDB-377802 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/377802/cti"
            },
            {
              "name": "CVE-2026-15495 | CVE Analysis and Report",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/cve/CVE-2026-15495"
            },
            {
              "name": "Submit #844484 | SonicCloudOrg SonicAgent 2.7.2 Command Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/844484"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/xpp3901/CVE_APPLY/tree/main/V-S003_SonicAgent_pullFile_CmdInjection_RCE"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/xpp3901/CVE_APPLY/blob/main/V-S003_SonicAgent_pullFile_CmdInjection_RCE/poc_pullfile_rce.py"
            }
          ],
          "tags": [
            "unsupported-when-assigned"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-11T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-07-11T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-07-11T14:29:06.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "SonicCloudOrg sonic-agent Android WebSocket Server AndroidWSServer.java os command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-15495",
        "datePublished": "2026-07-12T10:45:07.442Z",
        "dateReserved": "2026-07-11T12:23:54.881Z",
        "dateUpdated": "2026-07-12T10:45:07.442Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15497 (GCVE-0-2026-15497)

    Vulnerability from cvelistv5 – Published: 2026-07-12 11:15 – Updated: 2026-07-12 11:15 Unsupported When Assigned
    VLAI
    Title
    SonicCloudOrg sonic-agent JWT Authentication Filter ExchangeController.java code injection
    Summary
    A vulnerability was determined in SonicCloudOrg sonic-agent up to 2.7.2. This affects an unknown function of the file sonic-server-controller/src/main/java/org/cloud/sonic/controller/controller/ExchangeController.java of the component JWT Authentication Filter. This manipulation causes code injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. This vulnerability only affects products that are no longer supported by the maintainer.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    SonicCloudOrg sonic-agent Affected: 2.7.0
    Affected: 2.7.1
    Affected: 2.7.2
        cpe:2.3:a:soniccloudorg:sonic-agent:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    xpp39 (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:soniccloudorg:sonic-agent:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "JWT Authentication Filter"
              ],
              "product": "sonic-agent",
              "vendor": "SonicCloudOrg",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.7.0"
                },
                {
                  "status": "affected",
                  "version": "2.7.1"
                },
                {
                  "status": "affected",
                  "version": "2.7.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "xpp39 (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was determined in SonicCloudOrg sonic-agent up to 2.7.2. This affects an unknown function of the file sonic-server-controller/src/main/java/org/cloud/sonic/controller/controller/ExchangeController.java of the component JWT Authentication Filter. This manipulation causes code injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. This vulnerability only affects products that are no longer supported by the maintainer."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "Code Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-12T11:15:07.681Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-377804 | SonicCloudOrg sonic-agent JWT Authentication Filter ExchangeController.java code injection",
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/vuln/377804"
            },
            {
              "name": "VDB-377804 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/377804/cti"
            },
            {
              "name": "CVE-2026-15497 | CVE Analysis and Report",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/cve/CVE-2026-15497"
            },
            {
              "name": "Submit #844486 | SonicCloudOrg SonicServer 2.7.2 Code Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/844486"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/xpp3901/CVE_APPLY/blob/main/V-S001_SonicCloudPlatform_Unauth_ExchangeSend"
            }
          ],
          "tags": [
            "unsupported-when-assigned"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-11T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-07-11T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-07-11T14:29:12.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "SonicCloudOrg sonic-agent JWT Authentication Filter ExchangeController.java code injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-15497",
        "datePublished": "2026-07-12T11:15:07.681Z",
        "dateReserved": "2026-07-11T12:24:01.571Z",
        "dateUpdated": "2026-07-12T11:15:07.681Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15496 (GCVE-0-2026-15496)

    Vulnerability from cvelistv5 – Published: 2026-07-12 11:00 – Updated: 2026-07-12 11:00 Unsupported When Assigned
    VLAI
    Title
    SonicCloudOrg sonic-agent Groovy Script GroovyScriptImpl.java evalIsFailed os command injection
    Summary
    A vulnerability was found in SonicCloudOrg sonic-agent up to 2.7.2. The impacted element is the function evalIsFailed of the file sonic-agent/src/main/java/org/cloud/sonic/agent/tests/script/GroovyScriptImpl.java of the component Groovy Script Handler. The manipulation results in os command injection. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. This vulnerability only affects products that are no longer supported by the maintainer.
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/vuln/377803 vdb-entrytechnical-description
    https://vuldb.com/vuln/377803/cti signaturepermissions-required
    https://vuldb.com/cve/CVE-2026-15496 third-party-advisory
    https://vuldb.com/submit/844485 third-party-advisory
    https://github.com/xpp3901/CVE_APPLY/tree/main/V-… exploit
    Impacted products
    Vendor Product Version
    SonicCloudOrg sonic-agent Affected: 2.7.0
    Affected: 2.7.1
    Affected: 2.7.2
        cpe:2.3:a:soniccloudorg:sonic-agent:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    xpp39 (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:soniccloudorg:sonic-agent:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "Groovy Script Handler"
              ],
              "product": "sonic-agent",
              "vendor": "SonicCloudOrg",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.7.0"
                },
                {
                  "status": "affected",
                  "version": "2.7.1"
                },
                {
                  "status": "affected",
                  "version": "2.7.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "xpp39 (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in SonicCloudOrg sonic-agent up to 2.7.2. The impacted element is the function evalIsFailed of the file sonic-agent/src/main/java/org/cloud/sonic/agent/tests/script/GroovyScriptImpl.java of the component Groovy Script Handler. The manipulation results in os command injection. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. This vulnerability only affects products that are no longer supported by the maintainer."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "OS Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-12T11:00:07.400Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-377803 | SonicCloudOrg sonic-agent Groovy Script GroovyScriptImpl.java evalIsFailed os command injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/377803"
            },
            {
              "name": "VDB-377803 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/377803/cti"
            },
            {
              "name": "CVE-2026-15496 | CVE Analysis and Report",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/cve/CVE-2026-15496"
            },
            {
              "name": "Submit #844485 | SonicCloudOrg SonicServer 2.7.2 Code Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/844485"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/xpp3901/CVE_APPLY/tree/main/V-S002_SonicCloudPlatform_Groovy_Unsandboxed_RCE"
            }
          ],
          "tags": [
            "unsupported-when-assigned"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-11T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-07-11T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-07-11T14:29:09.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "SonicCloudOrg sonic-agent Groovy Script GroovyScriptImpl.java evalIsFailed os command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-15496",
        "datePublished": "2026-07-12T11:00:07.400Z",
        "dateReserved": "2026-07-11T12:23:57.456Z",
        "dateUpdated": "2026-07-12T11:00:07.400Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15495 (GCVE-0-2026-15495)

    Vulnerability from cvelistv5 – Published: 2026-07-12 10:45 – Updated: 2026-07-12 10:45 Unsupported When Assigned
    VLAI
    Title
    SonicCloudOrg sonic-agent Android WebSocket Server AndroidWSServer.java os command injection
    Summary
    A vulnerability has been found in SonicCloudOrg sonic-agent up to 2.7.2. The affected element is an unknown function of the file AndroidWSServer.java of the component Android WebSocket Server. The manipulation of the argument path leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. This vulnerability only affects products that are no longer supported by the maintainer.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    SonicCloudOrg sonic-agent Affected: 2.7.0
    Affected: 2.7.1
    Affected: 2.7.2
        cpe:2.3:a:soniccloudorg:sonic-agent:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    xpp39 (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:soniccloudorg:sonic-agent:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "Android WebSocket Server"
              ],
              "product": "sonic-agent",
              "vendor": "SonicCloudOrg",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.7.0"
                },
                {
                  "status": "affected",
                  "version": "2.7.1"
                },
                {
                  "status": "affected",
                  "version": "2.7.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "xpp39 (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been found in SonicCloudOrg sonic-agent up to 2.7.2. The affected element is an unknown function of the file AndroidWSServer.java of the component Android WebSocket Server. The manipulation of the argument path leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. This vulnerability only affects products that are no longer supported by the maintainer."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "OS Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-12T10:45:07.442Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-377802 | SonicCloudOrg sonic-agent Android WebSocket Server AndroidWSServer.java os command injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/377802"
            },
            {
              "name": "VDB-377802 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/377802/cti"
            },
            {
              "name": "CVE-2026-15495 | CVE Analysis and Report",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/cve/CVE-2026-15495"
            },
            {
              "name": "Submit #844484 | SonicCloudOrg SonicAgent 2.7.2 Command Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/844484"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/xpp3901/CVE_APPLY/tree/main/V-S003_SonicAgent_pullFile_CmdInjection_RCE"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/xpp3901/CVE_APPLY/blob/main/V-S003_SonicAgent_pullFile_CmdInjection_RCE/poc_pullfile_rce.py"
            }
          ],
          "tags": [
            "unsupported-when-assigned"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-11T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-07-11T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-07-11T14:29:06.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "SonicCloudOrg sonic-agent Android WebSocket Server AndroidWSServer.java os command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-15495",
        "datePublished": "2026-07-12T10:45:07.442Z",
        "dateReserved": "2026-07-11T12:23:54.881Z",
        "dateUpdated": "2026-07-12T10:45:07.442Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }