2026-01-15 16:44:15
cisa-cg
PUBLISHED
Sites running NOAA PMEL Live Access Server (LAS) are vulnerable to remote code execution via specially crafted requests that include PyFerret expressions. By leveraging a SPAWN command, a remote, unauthenticated attacker can execute arbitrary OS commands. Fixed in a version of gov.noaa.pmel.tmap.las.filter.RequestInputFilter.java from 2025-09-24.