exploitDog

GHSA-2qm6-vprh-vgfc

Опубликовано: 27 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 10

Описание

Xspeeder SXZOS through 2025-12-26 allows root remote code execution via base64-encoded Python code in the chkid parameter to vLogin.py. The title and oIP parameters are also used.

Xspeeder SXZOS through 2025-12-26 allows root remote code execution via base64-encoded Python code in the chkid parameter to vLogin.py. The title and oIP parameters are also used.

Ссылки

EPSS

Процентиль: 61%

0.00406

Низкий

10 Critical

CVSS3

CVE ID

Дефекты

CWE-94

CWE-95

Связанные уязвимости

CVE-2025-54322

CVSS3: 10

nvd

около 1 месяца назад

Xspeeder SXZOS through 2025-12-26 allows root remote code execution via base64-encoded Python code in the chkid parameter to vLogin.py. The title and oIP parameters are also used.

EPSS

Процентиль: 61%

0.00406

Низкий

10 Critical

CVSS3

CVE ID

Дефекты

CWE-94

CWE-95