CVE-2017-14853
Orpak · SiteOmat OrCU
The Orpak SiteOmat OrCU component contains a code injection vulnerability: a search query is executed as a direct shell command, so a tampered request yields remote code execution.
Executive summary
A critical code injection vulnerability in the Orpak SiteOmat OrCU component allows unauthenticated attackers to execute arbitrary shell commands, risking full system compromise.
Vulnerability
The vulnerability exists in the OrCU component, where the user-supplied search term is interpolated into a shell command without validation or escaping. By tampering with the search parameter in the request, an attacker can inject shell metacharacters, run arbitrary commands on the underlying operating system with the privileges of the service, and read the command output in the response.
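The pattern described above, as an added illustration rather than Orpak's code (the OrCU implementation language and its search handler are not public, so Python and a grep-based "search" over a constructed record set stand in for them): the vulnerable form splices the search term into a string that a shell parses, the hardened form allowlists the term and passes it as a single argv element with no shell involved.

```python
import re
import subprocess

# Constructed search fixture (not Orpak's data): three fake forecourt records that
# the "search" looks through. Embedded so the example runs offline.
SAMPLE_RECORDS = (
    "pump01 nozzle1 diesel\n"
    "pump02 nozzle1 unleaded\n"
    "pump02 nozzle2 diesel\n"
)


def search_unsafe(term: str) -> str:
    """The vulnerable pattern: the user-controlled search term is concatenated into
    a command string that a shell parses. A term such as 'diesel; echo INJECTED'
    terminates the grep command and runs a second command of the attacker's choosing."""
    cmd = "grep " + term                       # hypothetical shell command built from user input
    proc = subprocess.run(cmd, shell=True, input=SAMPLE_RECORDS,
                          capture_output=True, text=True)
    return proc.stdout                         # the caller gets the command output back


# Tight allowlist for a search term: alphanumerics, underscore, hyphen, bounded length.
ALLOWED_TERM = re.compile(r"[A-Za-z0-9_-]{1,64}")


def search_safe(term: str) -> str:
    """The hardened form: reject anything outside the allowlist, then pass the term as
    one argv element (shell=False) so no shell ever interprets it. The '--' stops grep
    from treating a term beginning with '-' as an option."""
    if not ALLOWED_TERM.fullmatch(term):
        raise ValueError("rejected search term: %r" % term)
    proc = subprocess.run(["grep", "--", term], input=SAMPLE_RECORDS,
                          capture_output=True, text=True)
    return proc.stdout


def safe_rejects(term: str) -> bool:
    """True if the hardened search refuses the term."""
    try:
        search_safe(term)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    payload = "diesel; echo INJECTED"
    print("unsafe:", repr(search_unsafe(payload)))    # grep matches followed by INJECTED
    print("safe rejects payload:", safe_rejects(payload))
    print("safe:", repr(search_safe("diesel")))
```

The argv form alone already prevents shell parsing (the whole string would become one grep pattern); the allowlist is defence in depth and also bounds the input, which matters if the downstream program has its own parsing quirks.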
Business impact
With a reported CVSS score of 8.6, this vulnerability poses a severe threat: arbitrary command execution on the OrCU host gives an attacker the ability to view and edit payment information, system configurations, and monitoring data. Successful exploitation could therefore be used to disrupt critical business operations or to exfiltrate sensitive financial records.
Remediation
Immediate Action: Upgrade the Orpak SiteOmat software to version 6.4.414.122 or later to close the command injection vector.
Proactive Monitoring: Review web server access logs and host process logs for requests to the OrCU search function whose parameters contain shell metacharacters (or their percent-encoded forms), and for unexpected child processes spawned by the OrCU service.
Compensating Controls: Until the update is applied, restrict network access to the OrCU interface to trusted management hosts, and deploy a Web Application Firewall (WAF) to inspect and block input containing shell metacharacters before it reaches the application. A WAF reduces exposure but does not remove the underlying flaw; encoded or alternative payloads may still get through.
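A worked example of the log review recommended above, added here and not taken from Orpak documentation: it parses common-log-format access lines, decodes the query string (including double percent-encoding, which attackers use to evade naive filters), and flags search requests whose parameters contain shell metacharacters. The path /orcu/search and the parameter name q are assumptions for illustration; the log lines are constructed, not captured from a real device.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed access-log lines (common log format). Endpoint and parameter name are
# assumed for illustration; substitute the real OrCU search path when using this.
SAMPLE_LOG = """\
10.0.0.5 - - [25/Sep/2017:10:01:02 +0000] "GET /orcu/search?q=diesel HTTP/1.1" 200 512
10.0.0.9 - - [25/Sep/2017:10:01:07 +0000] "GET /orcu/search?q=diesel%3Bcat%20%2Fetc%2Fpasswd HTTP/1.1" 200 2048
10.0.0.9 - - [25/Sep/2017:10:01:09 +0000] "GET /orcu/search?q=%2560id%2560 HTTP/1.1" 200 90
10.0.0.7 - - [25/Sep/2017:10:01:12 +0000] "GET /orcu/status HTTP/1.1" 200 300
10.0.0.9 - - [25/Sep/2017:10:01:15 +0000] "POST /orcu/search HTTP/1.1" 200 128
"""

# client, ident, user, [timestamp], "METHOD target protocol", status
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')
SHELL_META = set(";|&`$(){}<>\n")
SEARCH_PATHS = ("/orcu/search",)   # assumed endpoint, see lead-in


def decode_fully(value: str, rounds: int = 3) -> str:
    """Undo repeated percent-encoding until the value stops changing (bounded)."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def flag_requests(log_text: str) -> list:
    """Return one record per search parameter that contains a shell metacharacter.
    Only GET query strings are visible here: a POST body is not in an access log,
    so the last sample line is not inspected even though it hits the search path."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        src, ts, method, target, status = m.groups()
        parts = urlsplit(target)
        if parts.path not in SEARCH_PATHS:
            continue
        # parse_qsl removes one layer of percent-encoding; decode_fully handles the rest.
        for name, raw in parse_qsl(parts.query, keep_blank_values=True):
            value = decode_fully(raw)
            if SHELL_META & set(value):
                hits.append({"src": src, "time": ts, "method": method,
                             "param": name, "value": value, "status": int(status)})
    return hits


if __name__ == "__main__":
    for hit in flag_requests(SAMPLE_LOG):
        print("%(time)s %(src)s %(method)s %(param)s=%(value)r -> %(status)d" % hit)
```

Run it against the real access log and pair the hits with host-side evidence (new child processes of the OrCU service, outbound connections) before raising an incident; a 200 response to a flagged request is consistent with the CVE's behaviour of returning command output to the attacker.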
Exploitation status
Public Exploit Available: true
Analyst recommendation
This vulnerability is critical because public exploit code exists and exploitation requires no authentication. Administrators should treat it as a high-priority incident and apply the recommended version update without delay to prevent unauthorized remote code execution.