CVE-2026-2184

HighPublic PoC

Published: 08 February 2026

Published

08 February 2026

Modified

24 February 2026

KEV Added

—

Patch

—

CVSS Score 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

EPSS Score 0.0006 19.3th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-2184 is a high-severity Command Injection (CWE-77) vulnerability in Greatdevelopers Certificate. Its CVSS base score is 7.3 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 19.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique.

Threat & Defense Details

Likely Mitigating ControlsAI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

SC-27 Platform-independent Applications

addresses: CWE-78

Platform-independent apps typically execute inside a managed runtime or sandbox that restricts direct OS command execution, reducing the ability to exploit OS command injection.

SI-10 Information Input Validation

addresses: CWE-78

Validates inputs to block special elements that would alter OS command execution.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

T1059 Command and Scripting Interpreter Execution

Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.

attack.mitre.org →

Why these techniques?

OS command injection in public-facing web component (/restructured/csv.php) directly enables remote arbitrary command execution (T1190) via shell interpreters (T1059).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

A vulnerability was detected in Great Developers Certificate Generation System up to 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73. This vulnerability affects unknown code of the file /restructured/csv.php. The manipulation of the argument photo results in os command injection. The attack can be executed remotely. This…

product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The code repository of the project has not been active for many years.

Deeper analysisAI

CVE-2026-2184 is an OS command injection vulnerability in the Great Developers Certificate Generation System up to commit 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73. The issue resides in unknown code within the file /restructured/csv.php, where manipulation of the 'photo' argument triggers the injection. The product uses a rolling release model, making specific version information for affected or patched releases unavailable, and its code repository has been inactive for many years.

The vulnerability carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) and maps to CWE-77 (Command Injection) and CWE-78 (OS Command Injection). A remote attacker requires no privileges or user interaction to exploit it over the network with low complexity, potentially achieving low-level impacts on confidentiality, integrity, and availability through arbitrary OS command execution.

Advisories referenced in VulDB entries (ctiid.344887, id.344887, submit.749714) and a GitHub discovery note (lakshayyverma/CVE-Discovery) document the flaw but provide no details on patches or mitigations, consistent with the project's inactive repository and lack of versioned releases. Security practitioners should isolate or decommission affected instances.

Details

CWE(s): CWE-77 CWE-78

Affected Products

greatdevelopers

certificate

≤ 2017-10-16

CVEs Like This One

CVE-2026-2183Same product: Greatdevelopers Certificate

CVE-2025-1676Shared CWE-77, CWE-78

CVE-2026-5973Shared CWE-77, CWE-78

CVE-2025-59740Shared CWE-77, CWE-78

CVE-2025-1536Shared CWE-77, CWE-78

CVE-2026-4585Shared CWE-77, CWE-78

CVE-2026-4170Shared CWE-77, CWE-78

CVE-2026-2952Shared CWE-77, CWE-78

CVE-2025-1546Shared CWE-77, CWE-78

CVE-2026-7590Shared CWE-77, CWE-78

References

https://github.com/lakshayyverma/CVE-Discovery/blob/main/Certificate2.md
Exploit, Third Party Advisory · cna@vuldb.com
https://vuldb.com/?ctiid.344887
Permissions Required, VDB Entry · cna@vuldb.com
https://vuldb.com/?id.344887
Third Party Advisory, VDB Entry · cna@vuldb.com
https://vuldb.com/?submit.749714
Third Party Advisory, VDB Entry · cna@vuldb.com