Loading
SAP MaxDB 7.6.03 build 007 and earlier allows remote attackers to execute arbitrary commands via "&&" and other shell metacharacters in exec_sdbinfo and other unspecified commands, which are executed when MaxDB invokes cons.exe.
Use CWE-20, Sap vendor hub and Maxdb product page to widen CVE-2008-0244 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2010-1185, CVE-2008-0307 and CVE-2015-2282 for nearby disclosures in the same product family. Additional editorial context is available in The Weekly Cybersecurity Brief: February 13th, 2026.