Lucene search
+L

7 matches found

redhatcve
redhatcve
added 2025/12/17 12:55 a.m.14 views

CVE-2025-63414

A Path Traversal vulnerability in the Allsky WebUI version v2024.12.0606 allows an unauthenticated remote attacker to achieve arbitrary command execution. By sending a crafted HTTP request to the /html/execute.php endpoint with a malicious payload in the id parameter, an attacker can execute...

10CVSS8.9AI score0.01652EPSS
Exploits1References1
euvd
euvd
added 2025/12/16 6:31 p.m.5 views

EUVD-2025-203804

A Path Traversal vulnerability in the Allsky WebUI version v2024.12.0606 allows an unauthenticated remote attacker to achieve arbitrary command execution. By sending a crafted HTTP request to the /html/execute.php endpoint with a malicious payload in the id parameter, an attacker can execute...

10CVSS8.4AI score0.01652EPSS
Exploits1References4
nvd
nvd
added 2025/12/16 5:16 p.m.5 views

CVE-2025-63414

A Path Traversal vulnerability in the Allsky WebUI version v2024.12.0606 allows an unauthenticated remote attacker to achieve arbitrary command execution. By sending a crafted HTTP request to the /html/execute.php endpoint with a malicious payload in the id parameter, an attacker can execute...

10CVSS0.01652EPSS
Exploits1References3
vulnrichment
vulnrichment
added 2025/12/16 12:0 a.m.3 views

CVE-2025-63414

A Path Traversal vulnerability in the Allsky WebUI version v2024.12.0606 allows an unauthenticated remote attacker to achieve arbitrary command execution. By sending a crafted HTTP request to the /html/execute.php endpoint with a malicious payload in the id parameter, an attacker can execute...

8.5AI score0.01652EPSS
Exploits1References3
cvelist
cvelist
added 2025/12/16 12:0 a.m.32 views

CVE-2025-63414

A Path Traversal vulnerability in the Allsky WebUI version v2024.12.0606 allows an unauthenticated remote attacker to achieve arbitrary command execution. By sending a crafted HTTP request to the /html/execute.php endpoint with a malicious payload in the id parameter, an attacker can execute...

0.01652EPSS
Exploits1References3
cve
cve
added 2025/12/16 12:0 a.m.21 views

CVE-2025-63414

CVE-2025-63414 describes a Path Traversal in Allsky WebUI v2024.12.06_06 that allows unauthenticated remote command execution via /html/execute.php with a crafted id payload, leading to full remote code execution. The issue is confirmed across multiple sources (Red Hat CVE entry, EUVD/ENISA entry...

10CVSS8.5AI score0.01652EPSS
Exploits1References3Affected Software1
osv
osv
added 2025/12/16 12:0 a.m.6 views

CVE-2025-63414

A Path Traversal vulnerability in the Allsky WebUI version v2024.12.0606 allows an unauthenticated remote attacker to achieve arbitrary command execution. By sending a crafted HTTP request to the /html/execute.php endpoint with a malicious payload in the id parameter, an attacker can execute...

10CVSS8.8AI score0.01652EPSS
Exploits1References5
Rows per page
Query Builder