Oracle
PeopleSoft Enterprise PeopleTools
An unauthenticated, easily exploitable vulnerability in the PeopleSoft Updates Environment Management component allows for complete system takeover vi...
2026-06-11
Description
An unauthenticated, easily exploitable vulnerability in the PeopleSoft Updates Environment Management component allows for complete system takeover via HTTP.
AI Analyst Comment
Remediation
Update Oracle PeopleSoft to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
CISA KEV Details
Deadline: June 14, 2026
Required Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
Known ransomware use
---METADATA---
VENDOR: goshs
PRODUCT: goshs
AFFECTED_VERSIONS: Prior to 2.0.0-beta.3
---END_METADATA---
Description Summary:
The goshs SimpleHTTPServer fails to sanitize directories during multipart POST uploads, enabling unauthorized file placement.
Executive Summary:
An arbitrary file write vulnerability in goshs allows remote attackers to place files in unauthorized locations, potentially leading to system compromise.
Vulnerability Details
CVE-ID: CVE-2026-35393
Affected Software: goshs
Affected Versions: Prior to 2.0.0-beta.3
Vulnerability: The application fails to sanitize the target directory for multipart POST uploads. This allows an attacker to manipulate the upload destination via malicious input.
Business Impact
This vulnerability enables unauthorized file uploads, which can be used to place malicious scripts or overwrite system files. With a CVSS score of 9.8, this poses a high risk of complete server takeover.
Remediation Plan
Immediate Action: Update goshs to version 2.0.0-beta.3 or later.
Proactive Monitoring: Review access logs for suspicious POST requests and verify the integrity of uploaded files.
Compensating Controls: Implement strict filesystem permissions and ensure the service runs in a restricted chroot or containerized environment.
Exploitation Status
Public Exploit Available: Unknown
Analyst Notes: As of Apr 6, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Immediate remediation is required to prevent unauthorized file placement. Upgrade to the latest version to ensure that input sanitization is correctly implemented for all file upload methods.