CVE-2025-64126
🚨 CRITICALAn OS command injection vulnerability exists due to improper input validation. The application accepts a parameter directly from user input without verifying it is a valid IP address or filtering po...
Description
Request Expert ReviewAn OS command injection vulnerability exists due to improper input validation. The application accepts a parameter directly from user input without verifying it is a valid IP address or filtering potentially malicious characters. This could allow an unauthenticated attacker to inject arbitrary commands.
CVSS Scores
References
Additional Information
- Source
- ics-cert@hq.dhs.gov
- State
- Awaiting analysis
Related CVEs
CVE-2025-13970
HIGHOpenPLC_V3 is vulnerable to a cross-site request forgery (CSRF) attack due to the absence of proper CSRF validation. This issue allows an unauthenti...
CVE-2025-14585
HIGHA vulnerability was found in itsourcecode COVID Tracking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/?pa...
CVE-2025-14584
HIGHA vulnerability has been found in itsourcecode COVID Tracking System 1.0. Affected is an unknown function of the file /admin/login.php of the componen...
CVE-2025-14583
HIGHA flaw has been found in campcodes Online Student Enrollment System 1.0. This impacts an unknown function of the file /admin/register.php. Executing m...
CVE-2025-14582
MEDIUMA vulnerability was detected in campcodes Online Student Enrollment System 1.0. This affects an unknown function of the file /admin/index.php?page=use...
CVE-2025-67750
HIGHLightning Flow Scanner provides a A CLI plugin, VS Code Extension and GitHub Action for analysis and optimization of Salesforce Flows. Versions 6.10.5...
Share CVE-2025-64126
Share on Social Media
Copy Link
Embed Code
Request Expert Analysis
Request a professional security analysis for CVE-2025-64126 from our verified experts.
Credits System
Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!