CVE-2025-66431
🔴 HIGHWebPros Plesk before 18.0.73.5 and 18.0.74 before 18.0.74.2 on Linux allows remote authenticated users to execute arbitrary code as root via domain creation. The attacker needs "Create and manage site...
Description
Request Expert ReviewWebPros Plesk before 18.0.73.5 and 18.0.74 before 18.0.74.2 on Linux allows remote authenticated users to execute arbitrary code as root via domain creation. The attacker needs "Create and manage sites" with "Domains management" and "Subdomains management."
CVSS Scores
References
Additional Information
- Source
- cve@mitre.org
- State
- Awaiting analysis
Related CVEs
CVE-2025-67847
HIGHA flaw was found in Moodle. An attacker with access to the restore interface could trigger server-side execution of arbitrary code. This is due to ins...
CVE-2025-3839
HIGHA flaw was found in Epiphany, a tool that allows websites to open external URL handler applications with minimal user interaction. This design can be...
CVE-2025-15522
MEDIUMThe Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scrip...
CVE-2026-0796
HIGHALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitra...
CVE-2026-0795
HIGHALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitra...
CVE-2026-0794
HIGHALGO 8180 IP Audio Alerter SIP Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary cod...
Share CVE-2025-66431
Share on Social Media
Copy Link
Embed Code
Request Expert Analysis
Request a professional security analysis for CVE-2025-66431 from our verified experts.
Credits System
Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!