Cyber Resilience

CVE-2026-4585

HighRCE

Published: 23 March 2026

Published
23 March 2026
Modified
24 April 2026
KEV Added
Patch
CVSS Score v4 8.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0331 87.0th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-4585 is a high-severity Command Injection (CWE-77) vulnerability in Feishu (inferred from references). Its CVSS base score is 8.9 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 13.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-4585 is an OS command injection vulnerability affecting the Tiandy Easy7 Integrated Management Platform up to version 7.17.0. The issue resides in unknown code within the file /Easy7/apps/WebService/ImportSystemConfiguration.jsp of the Configuration Handler component, where manipulation of the File argument enables command injection. It is associated with CWE-77 and CWE-78.

The vulnerability allows remote exploitation without authentication, privileges, or user interaction, and with low attack complexity. Attackers can achieve high impacts on confidentiality, integrity, and availability, as reflected in its CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Advisories from VulDB indicate that the vendor was contacted early regarding the disclosure but provided no response. No patches or specific mitigations are detailed in the available information. Relevant references include https://vuldb.com/?ctiid.352422, https://vuldb.com/?id.352422, https://vuldb.com/?submit.775457, and https://my.feishu.cn/docx/WkHjd3oajoIw5exHk9ecUHaFnKd?from=from_copylink.

The exploit has been publicly disclosed and may be used by attackers.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

A vulnerability has been found in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This vulnerability affects unknown code of the file /Easy7/apps/WebService/ImportSystemConfiguration.jsp of the component Configuration Handler. The manipulation of the argument File leads to os command injection. The…

more

attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1059 Command and Scripting Interpreter Execution
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.
Why these techniques?

CVE enables unauthenticated remote OS command injection via public-facing web application parameter manipulation, directly facilitating T1190 (Exploit Public-Facing Application) for initial access and T1059 (Command and Scripting Interpreter) for arbitrary command execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-7062Shared CWE-77, CWE-78
CVE-2025-1676Shared CWE-77, CWE-78
CVE-2026-1544Shared CWE-77, CWE-78
CVE-2025-1536Shared CWE-77, CWE-78
CVE-2025-59740Shared CWE-77, CWE-78
CVE-2026-7590Shared CWE-77, CWE-78
CVE-2025-59736Shared CWE-77, CWE-78
CVE-2026-4170Shared CWE-77, CWE-78
CVE-2026-2544Shared CWE-77, CWE-78
CVE-2025-44015Shared CWE-77, CWE-78

Affected Assets

Feishu
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires validation of the File argument to prevent OS command injection in the vulnerable JSP endpoint.

prevent

Ensures timely remediation of the disclosed and unpatched OS command injection flaw through patching or workarounds.

preventdetect

Boundary protection mechanisms like web application firewalls can block or detect remote command injection attempts targeting the exposed endpoint.

References