SB2026022708 - Multiple vulnerabilities in IBM Sterling Secure Proxy

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2026022708

SB2026022708 - Multiple vulnerabilities in IBM Sterling Secure Proxy

Published: February 27, 2026

Security Bulletin ID SB2026022708
Severity
High
Patch available
YES
Number of vulnerabilities 7
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 29% Medium 71%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.


1) OS Command Injection (CVE-ID: CVE-2025-64756)

The vulnerability allows a remote user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation when processing file names. A remote user can pass specially crafted filename to the application and execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


2) Interpretation conflict (CVE-ID: CVE-2025-12816)

The vulnerability allows a remote attacker to bypass downstream cryptographic verification and security decisions.

The vulnerability exists due to incorrect validation of ASN.1 structures within the asn1.validate() function in forge/lib/asn1.js. A remote non-authenticated attacker can use specially crafted ASN.1 structures to desynchronize DER schema validations and bypass downstream cryptographic verification and security decisions.


3) Integer overflow (CVE-ID: CVE-2025-66030)

The vulnerability allows a remote attacker to perform spoofing attack. 

The vulnerability exists due to integer overflow within the asn1.derToOid() function in forge/lib/asn1.js when parsing ASN.1 structures containing OIDs with oversized arcs. A remote attacker can construct a specially crafted ASN.1 object to spoof an OID and bypass downstream OID-based security decisions.


4) Uncontrolled recursion (CVE-ID: CVE-2025-66031)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to uncontrolled recursion within the asn1.fromDer() function in forge/lib/asn1.js. A remote non-authenticated attacker can pass specially crafted deep ASN.1 structures to trigger unbounded recursive parsing and perform a denial of service attack.


5) Prototype pollution (CVE-ID: CVE-2025-61140)

The vulnerability allows a remote attacker to execute arbitrary JavaScript code.

The vulnerability exists due to improper input validation. A remote attacker can pass specially crafted input to the application and perform prototype pollution, which can result in information disclosure or data manipulation.


6) Resource exhaustion (CVE-ID: CVE-2025-15284)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to the arrayLimit option does not enforce limits for bracket notation (a[]=1&a[]=2). A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.


7) Code Injection (CVE-ID: CVE-2026-1615)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to unsafe evaluation of user-supplied JSON Path expressions. A remote attacker can send a specially crafted request and execute arbitrary code on the target system.


Remediation

Install update from vendor's website.

References