MGASA-2026-0138 Updated awstats packages fix security vulnerability

AWStats is vulnerable to Command Injection via the open function. CVE-2025-63261...

Fedora 44 : awstats (2026-649970e065)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-649970e065 advisory. Fix CVE-2025-63261 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

Fedora 42 : awstats (2026-29b65f46e8)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-29b65f46e8 advisory. Fix CVE-2025-63261 rhbz 2450261 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Debian: Security Advisory (DLA-4509-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-63261

A flaw was found in AWStats. A remote attacker can exploit a command injection vulnerability through the open function, leading to arbitrary code execution on the affected system. This allows for a complete compromise of the system. Mitigation To mitigate this issue, restrict access to the AWStat...

Linux Distros Unpatched Vulnerability : CVE-2025-63261

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AWStats 8.0 is vulnerable to Command Injection via the open function CVE-2025-63261 Note that Nessus relies on the presence of the package as reported by the...

CVE-2025-63261

AWStats 8.0 is vulnerable to Command Injection via the open function...

CVE-2025-63261

AWStats 8.0 is vulnerable to Command Injection via the open function...

CVE-2025-63261

AWStats 8.0 is vulnerable to Command Injection via the open function...

CVE-2025-63261

AWStats 8.0 is affected by CVE-2025-63261: a Command Injection vulnerability in the open function. Root cause and impact as per provided sources indicate potential impact to confidentiality, integrity, and availability (CVSS v3.1: 7.8, HIGH) when exploited locally. Public advisories and vendor re...

CVE-2025-63261

creationtimestamp| type| source ---|---|--- 2026-01-09 12:37:27+00:00| seen| https://bsky.app/profile/pentest-tools.com/post/3mbyj6rw5zs2q 2026-01-19 12:33:26+00:00| seen| https://bsky.app/profile/pentest-tools.com/post/3mcrnmtghfk27 2026-01-30 13:06:37+00:00| seen|...