CVE-2026-34115: Guardian Language-System Unauthenticated OS Command Injection via id Parameter in transcribe_amazon.php
Guardian language-system passes the id GET parameter directly into a PHP exec() call in transcribe_amazon.php (line 15) without sanitization: exec(\"php jobs/transcribe_amazon.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute arbitrary OS commands on the server.
Metrics
- CVSS v4.0
- 9.3
- Severity
- CRITICAL
- Fixed in
- —
- Affected Products
- 1
HarborGuard Analysis
Synopsis
An OS command injection vulnerability affects Guardian language-system, a PHP-based transcription management application. The id GET parameter in transcribe_amazon.php is passed directly to a PHP exec() call with no sanitization and no authentication check, meaning any network-reachable attacker can send a crafted HTTP request to run arbitrary shell commands on the server. Successful exploitation gives an attacker full OS-level command execution, enabling data theft, file modification, or complete server takeover. HarborGuard tracks this advisory for patch availability and will make a patched rebuild available the moment an upstream fix is published.
HarborGuard Coverage
Detection is available across every HarborGuard environment: the CVE is ingested from upstream feeds within minutes of publication and matched against customer images in registries and CI/CD pipelines, including custom-built images that bundle Guardian language-system at or below commit e42c395ec4b03fe62973a669c9209a673838b8a4.
AvailableHarborGuard scores this finding at CVSS 9.3 Critical and weights it against each environment's compliance policy to determine escalation priority; findings at this severity are routed to the appropriate team inbox inside each customer organization automatically.
AvailableNo upstream fix has been published for this CVE. HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available the moment the upstream maintainer ships a remediated release. For customers with auto-remediation enabled, the rebuild, regression run, and PR against affected workloads will trigger automatically at that point.
Pending upstreamExploit Conditions
- Network reachabilityRequired
The vulnerable endpoint is exposed over the network; an attacker must be able to send HTTP requests to the server running Guardian language-system.
- AuthenticationNot required
No credentials or session token are needed; the vulnerable transcribe_amazon.php script accepts unauthenticated GET requests.
- Victim interactionNot required
Exploitation requires no action from any user or administrator on the target system.
- Attack complexityDetail
The exploit is straightforward and condition-free; appending shell metacharacters to the id parameter is sufficient to inject commands with no race conditions or special environmental prerequisites.
Blast Radius
- An attacker executes arbitrary OS commands under the web server process user, gaining an interactive shell or the ability to run any binary on the host.
- All data accessible to the server process, including database credentials, stored session tokens, and user records managed by Guardian language-system, can be read and exfiltrated.
- An attacker can write, overwrite, or delete files within the web root and any path the process user can access, corrupting application data or planting backdoors.
- The web server process can be killed or the host rebooted, taking the transcription service offline.
How HarborGuard Handles This
Available on HarborGuard: images containing Guardian language-system are flagged Critical the moment this CVE enters the feed, which is typically within minutes of publication. Because no upstream fix exists yet, HarborGuard monitors the advisory on every ingest cycle and will make a patched-image rebuild available automatically once the maintainer publishes a remediated commit or release. In the meantime, customers can apply compensating controls through HarborGuard network policy: isolate the affected container from public ingress by adding an ingress-deny rule scoped to transcribe_amazon.php, apply egress filtering to prevent outbound shell callbacks, and where application architecture permits, gate the endpoint behind an authentication proxy at the infrastructure layer. For customers with auto-remediation enabled, the rebuild, regression test run, and PR against affected workloads will open automatically when the upstream fix is confirmed.
- guardian / language-system≤ e42c395ec4b03fe62973a669c9209a673838b8a4
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N