Lucene search
K

6 matches found

Packet Storm News
Packet Storm News
added 2026/04/17 12:0 a.m.7 views

Eclipse Che Machine-Exec WebSocket Service Exposure Detector

This Python script is a lightweight security detection tool designed to identify potentially exposed or misconfigured machine-exec WebSocket services associated with Eclipse Che running on port 3333...

5.8AI score
Exploits0
Metasploit
Metasploit
added 2026/03/25 6:58 p.m.207 views

Eclipse Che machine-exec Unauthenticated RCE

This module exploits an unauthenticated remote code execution vulnerability in the Eclipse Che machine-exec service CVE-2025-12548. The machine-exec service, exposed on port 3333 within Red Hat OpenShift DevSpaces developer workspace containers, accepts WebSocket connections without authenticatio...

9CVSS6.6AI score0.01164EPSS
Exploits2
NVD
NVD
added 2026/01/13 4:15 p.m.6 views

CVE-2025-12548

A flaw was found in Eclipse Che che-machine-exec. This vulnerability allows unauthenticated remote arbitrary command execution and secret exfiltration SSH keys, tokens, etc. from other users' Developer Workspace containers, via an unauthenticated JSON-RPC / websocket API exposed on TCP port 3333...

9CVSS0.01164EPSS
Exploits2References5
ATTACKERKB
ATTACKERKB
added 2026/01/13 3:35 p.m.4 views

CVE-2025-12548

A flaw was found in Eclipse Che che-machine-exec. This vulnerability allows unauthenticated remote arbitrary command execution and secret exfiltration SSH keys, tokens, etc. from other users' Developer Workspace containers, via an unauthenticated JSON-RPC / websocket API exposed on TCP port 3333...

9CVSS5.7AI score0.01164EPSS
Exploits2References7
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.6 views

PT-2026-2441

Name of the Vulnerable Software and Affected Versions Eclipse Che versions affected versions not specified Description A flaw exists in Eclipse Che che-machine-exec that permits unauthenticated remote arbitrary command execution and secret exfiltration, including SSH keys and tokens, from other...

9CVSS5.8AI score0.01164EPSS
Exploits2References13
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.5 views

Eclipse Che 访问控制错误漏洞

Eclipse Che is a set of Java-based open source online integrated development environments IDEs from the Eclipse Foundation. An access control error vulnerability exists in Eclipse Che che-machine-exec, which originates from an unauthenticated remote attacker who can execute arbitrary commands and...

9CVSS6.2AI score0.01164EPSS
Exploits2References5
Rows per page
Query Builder