OS Command Injection Vulnerability in Sangfor EDR Management Platform
CVE-2025-34041

10CRITICAL

Key Information:

Vendor

Sangfor Technologies Co., Ltd.

Status
Endpoint Detection And Response Platform
Vendor
CVE Published:
24 June 2025

What is CVE-2025-34041?

A significant OS command injection vulnerability has been identified in the Chinese versions of the Sangfor Endpoint Detection and Response (EDR) management platform. This flaw permits unauthenticated attackers to craft and dispatch malicious HTTP requests to the EDR Manager interface. When exploited, this vulnerability allows attackers to execute arbitrary commands with elevated privileges, posing a serious security risk. This issue is specific to the Chinese-language builds of the EDR, emphasizing the need for organizations using these versions to implement timely security measures.

Affected Version(s)

Endpoint Detection and Response Platform 3.2.16

Endpoint Detection and Response Platform 3.2.17

Endpoint Detection and Response Platform 3.2.19

References

https://www.sangfor.com/blog/cybersecurity/sangfor-endpoi...
vendor-advisorypatchtechnical-description
https://www.cnvd.org.cn/flaw/show/CNVD-2020-46552
third-party-advisory
https://vulncheck.com/advisories/sangfor-edr-command-inje...
third-party-advisory

CVSS V4

Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-34041 : OS Command Injection Vulnerability in Sangfor EDR Management Platform