Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2026-34115— Guardian Language-System Unauthenticated OS Command Injection via id Parameter in transcribe_amazon.php

CVSS 9.8 · Critical EPSS 0.54% · P41

Possible ATT&CK Techniques 1AI

T1190 · Exploit Public-Facing Application

Affected Version Matrix 1

VendorProductVersion RangeStatus
guardianlanguage-system≤ e42c395ec4b03fe62973a669c9209a673838b8a4affected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-34115

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Guardian Language-System Unauthenticated OS Command Injection via id Parameter in transcribe_amazon.php
Source: NVD (National Vulnerability Database)
Vulnerability Description
Guardian language-system passes the id GET parameter directly into a PHP exec() call in transcribe_amazon.php (line 15) without sanitization: exec(\"php jobs/transcribe_amazon.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute arbitrary OS commands on the server.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Guardian language-system 命令注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Guardian language-system是英国Guardian公司的一个支持语言系统的企业应用。 Guardian language-system存在命令注入漏洞,该漏洞源于对transcribe_amazon.php文件中id GET参数未进行清理直接传递给PHP exec()调用,未经身份验证的远程攻击者可附加shell元字符执行任意OS命令。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
guardianlanguage-system 0 ~ e42c395ec4b03fe62973a669c9209a673838b8a4 -

II. Public POCs for CVE-2026-34115

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-34115

登录查看更多情报信息。

Proof of Concept for CVE-2026-34115 (1)

News Coverage for CVE-2026-34115 (1)

Same Patch Batch · guardian · 2026-07-01 · 22 CVEs total

CVE-2026-340999.8 CRITICALGuardian Language-System Unauthenticated SQL Injection via id Parameter in job_info.php
CVE-2026-341099.8 CRITICALGuardian Language-System Unauthenticated OS Command Injection via id Parameter in speech.p
CVE-2026-341139.8 CRITICALGuardian Language-System Unauthenticated OS Command Injection via id Parameter in speech_t
CVE-2026-341049.8 CRITICALGuardian Language-System Unauthenticated SQL Injection via name Parameter in designer.php
CVE-2026-341079.8 CRITICALGuardian Language-System Unauthenticated OS Command Injection via id Parameter in translat
CVE-2026-341109.8 CRITICALGuardian Language-System Unauthenticated OS Command Injection via id Parameter in complex_
CVE-2026-341149.8 CRITICALGuardian Language-System Unauthenticated OS Command Injection via id Parameter in translat
CVE-2026-341119.8 CRITICALGuardian Language-System Unauthenticated OS Command Injection via id Parameter in speechma
CVE-2026-341029.8 CRITICALGuardian Language-System Unauthenticated SQL Injection via id Parameter in job_info_get.ph
CVE-2026-341089.8 CRITICALGuardian Language-System Unauthenticated OS Command Injection via id Parameter in text.php
CVE-2026-341169.8 CRITICALGuardian Language-System Unauthenticated OS Command Injection via id Parameter in transcri
CVE-2026-341039.8 CRITICALGuardian Language-System Unauthenticated SQL Injection via id Parameter in subtitles.php
CVE-2026-341019.8 CRITICALGuardian Language-System Unauthenticated SQL Injection via id Parameter in text_file.php
CVE-2026-341129.8 CRITICALGuardian Language-System Unauthenticated OS Command Injection via id Parameter in speechma
CVE-2026-341069.8 CRITICALGuardian Language-System Unauthenticated OS Command Injection via id Parameter in subtitle
CVE-2026-341009.8 CRITICALGuardian Language-System Unauthenticated SQL Injection via id Parameter in media.php
CVE-2026-341179.8 CRITICALGuardian Language-System Unauthenticated OS Command Injection via id Parameter in text_to_
CVE-2026-341059.8 CRITICALGuardian Language-System Unauthenticated SQL Injection via id Parameter in translate_text.
CVE-2026-340964.6 MEDIUMGuardian Language-System XSS via name Parameter in designer.php
CVE-2026-340984.6 MEDIUMGuardian Language-System XSS via id Parameter in media.php

Showing top 20 of 22 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

V. Comments for CVE-2026-34115

No comments yet


Leave a comment