Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/06/23 8:38 a.m.10 views

CVE-2025-6384

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE Remote Code...

7.3CVSS7.7AI score0.00852EPSS
Exploits1References1
Circl
Circl
added 2025/06/19 9:44 p.m.15 views

CVE-2025-6384

creationtimestamp| type| source ---|---|--- 2025-06-19 21:44:52+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18885 2025-06-19 22:31:26+00:00| seen| Telegram/QDVONAJ-zoxa8IF5yGSkPSQU1xz6kI0qfAwwtPOjWAaZ4 2025-06-19 23:43:29+00:00| seen|...

9.1CVSS4.8AI score0.00852EPSS
Exploits1References7
NVD
NVD
added 2025/06/19 9:15 p.m.10 views

CVE-2025-6384

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE Remote Code...

9.1CVSS0.00852EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/06/19 8:57 p.m.5 views

CVE-2025-6384 Improper Control of Dynamically-Managed Code Resources in Crafter Studio

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE Remote Code...

7.3CVSS7AI score0.00852EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/06/19 8:57 p.m.15 views

CVE-2025-6384 Improper Control of Dynamically-Managed Code Resources in Crafter Studio

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE Remote Code...

7.3CVSS0.00852EPSS
Exploits1References1
CVE
CVE
added 2025/06/19 8:57 p.m.32 views

CVE-2025-6384

CrafterCMS Crafter Studio is affected by CVE-2025-6384 (versions 4.0.0–4.2.2). The issue is an Improper Control of Dynamically-Managed Code Resources that allows authenticated developers to bypass the Groovy sandbox, enabling remote code execution (RCE) by injecting malicious Groovy elements. The...

9.1CVSS7.1AI score0.00852EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder