A vulnerability in the “Remote Logging” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to execute arbitrary OS commands in the context of user “root” via a crafted HTTP request.
References
Configurations
No configuration.
History
02 May 2025, 13:53
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
30 Apr 2025, 12:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-04-30 12:15
Updated : 2025-05-02 13:53
NVD link : CVE-2025-24351
Mitre link : CVE-2025-24351
CVE.ORG link : CVE-2025-24351
JSON object : View
Products Affected
No product.
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')