CVE-2026-34109
Critical, CVSS 9.8
Exploitation Probability (EPSS): Low risk, 41st percentile (higher than 41% of all known CVEs)
Summary
The Guardian language system passes the 'id' GET parameter directly into a PHP exec() call in speech.php without sanitization. An unauthenticated attacker can append shell metacharacters to execute arbitrary OS commands on the server.
Risk Assessment
The risk for the organization includes full server compromise, data theft, malware installation, and use of the server for further attacks. No authentication is required, making remote exploitation easy.
Recommendation
Immediately update the Guardian system to the latest patched version. Until then, disable or secure speech.php and apply input filtering and validation to all parameters.
Original NVD description (English source)
Guardian language-system passes the id GET parameter directly into a PHP exec() call in speech.php (line 18) without sanitization: exec("php jobs/speech_audio.php ".$login_session." ".$_GET['id']." ..."). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute arbitrary OS commands on the server.
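
Added example (not code from Guardian or from the NVD entry): one way to apply the input validation from the Recommendation to the exec() pattern quoted in the description, in PHP. The function names, the assumption that id is a positive decimal integer, and the sample session value are hypothetical; the arguments the description elides as "..." are left out.

```php
<?php
// Added example, not Guardian's code. Assumption: 'id' is a positive
// decimal integer; adjust the pattern to the real id format.

/** Return the id as a digit string, or null if it is anything else. */
function validate_id($raw): ?string
{
    // Reject arrays (?id[]=x) and other non-strings before matching.
    if (!is_string($raw)) {
        return null;
    }
    // Allow-list, not deny-list. \A and \z anchor the whole string;
    // a plain "$" would still accept a trailing newline.
    if (preg_match('/\A[1-9][0-9]{0,9}\z/', $raw) !== 1) {
        return null;
    }
    return $raw;
}

/** Build the job command with every dynamic argument shell-quoted. */
function build_speech_command(string $loginSession, string $id): string
{
    // Defence in depth: quote even the validated value, and quote the
    // session token too, since it is also concatenated into the command.
    return 'php jobs/speech_audio.php '
        . escapeshellarg($loginSession) . ' '
        . escapeshellarg($id);
}

// Constructed sample inputs: one valid id and three that must be rejected.
$samples = ['42', '42;x', "42\n", ['42']];
foreach ($samples as $raw) {
    $id = validate_id($raw);
    if ($id === null) {
        // In a real handler: http_response_code(400); exit;
        echo 'rejected: ' . json_encode($raw) . PHP_EOL;
        continue;
    }
    // 'sess123' is a placeholder session value for the demonstration.
    echo build_speech_command('sess123', $id) . PHP_EOL;
}
```

Validation alone does not address the missing authentication noted in the description; the endpoint still needs an access check before any job is started.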

