exploitDog

GHSA-2rrw-64r4-g2c2

Опубликовано: 23 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 8.4

Описание

A command injection vulnerability in the me.connectify.SMJobBlessHelper XPC service of Speedify VPN up to v15.0.0 allows attackers to execute arbitrary commands with root-level privileges.

A command injection vulnerability in the me.connectify.SMJobBlessHelper XPC service of Speedify VPN up to v15.0.0 allows attackers to execute arbitrary commands with root-level privileges.

Ссылки

EPSS

Процентиль: 8%

0.00031

Низкий

8.4 High

CVSS3

CVE ID

Дефекты

CWE-77

Связанные уязвимости

CVE-2025-25364

CVSS3: 8.4

nvd

около 2 месяцев назад

A command injection vulnerability in the me.connectify.SMJobBlessHelper XPC service of Speedify VPN up to v15.0.0 allows attackers to execute arbitrary commands with root-level privileges.

EPSS

Процентиль: 8%

0.00031

Низкий

8.4 High

CVSS3

CVE ID

Дефекты

CWE-77