[VULNERABILITY ALERT] W-Bridge Information | Single Sign-On and Electronic Directory Service System - 2 Vulnerabilities Found

• Subject: [VULNERABILITY ALERT] W-Bridge Information | Single Sign-On and Electronic Directory Service System - 2 Vulnerabilities Found

• Content Description:
  • Forwarded from Taiwan Computer Emergency Response Team/Coordination Center (TWCERTCC) Security Alert TWCERTCC-200-202601-00000023
  • [W-Bridge Information | Single Sign-On and Electronic Directory Service System - OS Command Injection]
  • (CVE-2026-1427, CVSS: 8.8) An OS Command Injection vulnerability exists in the Single Sign-On and Electronic Directory Service System. An authenticated remote attacker can inject and execute arbitrary operating system commands on the server.
  • [W-Bridge Information | Single Sign-On and Electronic Directory Service System - OS Command Injection]
  • (CVE-2026-1428, CVSS: 8.8) An OS Command Injection vulnerability exists in the Single Sign-On and Electronic Directory Service System. An authenticated remote attacker can inject and execute arbitrary operating system commands on the server.
• Affected Platforms:
  • Electronic Directory Service System (V4) versions prior to IFTOP_P4_181 (exclusive)
• Recommended Actions:
  • Update Electronic Directory Service System (V4) to version IFTOP_P4_181 or later.
• Reference Material:
  1. https://www.twcert.org.tw/tw/cp-132-10654-23f40-1.html

Computer and Communication Center
Network Systems Division, Respectfully