CVE-2026-5801 - SQL Injection Leading to Command Line Execution in Semtek SEM-PMP
An SQL injection vulnerability, tracked as CVE-2026-5801, has been identified in Semtek Informatics Software Consulting Trade Ltd. Co. SEM-PMP versions through 23042026, allowing unauthenticated attackers to achieve command line execution on the underlying system with a critical CVSS v3.1 score of 9.8.
A critical SQL injection vulnerability, CVE-2026-5801, has been disclosed in Semtek Informatics Software Consulting Trade Ltd. Co.'s SEM-PMP software. This flaw affects all versions through 23042026 and allows for improper neutralization of special elements within SQL commands, enabling command line execution via SQL injection. The vulnerability, identified by the Computer Emergency Response Team of the Republic of Turkey, carries a CVSS v3.1 base score of 9.8, indicating severe potential impact. Exploitation could allow unauthenticated remote attackers to execute arbitrary operating system commands, leading to complete compromise of the affected system. Organizations utilizing SEM-PMP should prioritize patching to mitigate this severe risk.
Attack Chain
- An attacker identifies a vulnerable input parameter within the Semtek SEM-PMP application that is susceptible to SQL injection.
- The attacker crafts a malicious SQL payload containing command line execution statements, designed to bypass input validation.
- The attacker injects this specially crafted SQL payload into the vulnerable parameter, typically through an unauthenticated web request.
- The SEM-PMP application processes the untrusted input directly into an SQL query without proper sanitization.
- The backend database executes the injected SQL query, which in turn triggers the command line execution portion of the payload.
- The operating system on the server hosting SEM-PMP executes the attacker-supplied commands, granting the attacker arbitrary code execution capabilities.
- This can lead to data exfiltration, system compromise, or the deployment of additional malicious software.
Impact
Successful exploitation of CVE-2026-5801 grants an unauthenticated attacker the ability to execute arbitrary commands on the server running Semtek SEM-PMP. This high-severity vulnerability (CVSS v3.1: 9.8 Critical) could lead to complete system compromise, including unauthorized access to sensitive data, modification or deletion of data, installation of malware such as ransomware or backdoors, and establishment of persistent access. The broad nature of "command line execution" implies that attackers can perform almost any action permitted by the compromised application's privileges, making this a significant threat to the integrity and confidentiality of targeted organizations.
Recommendation
- Patch Semtek Informatics Software Consulting Trade Ltd. Co. SEM-PMP to a version that addresses CVE-2026-5801 immediately.
- Deploy the provided Sigma rule to your SIEM to detect attempts at web-based SQL injection, including potential exploitation of CVE-2026-5801.
- Monitor web server access logs for unusual request patterns, particularly those targeting Semtek SEM-PMP endpoints, and look for SQL injection characteristics in
cs-uri-queryandcs-uri-stem.
Detection coverage 1
Detects CVE-2026-5801 Exploitation - Web-based SQL Injection Patterns
highDetects web requests containing common SQL injection patterns targeting vulnerable web applications like Semtek SEM-PMP, which could indicate exploitation of CVE-2026-5801 for command line execution.
Detection queries are available on the platform. Get full rules →
Indicators of compromise
1
url
| Type | Value |
|---|---|
| url | https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0527 |