Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/07/04 2:22 p.m.11 views

CVE-2025-34073

An unauthenticated command injection vulnerability exists in stamparm/maltrail Maltrail versions =0.54. A remote attacker can execute arbitrary operating system commands via the username parameter in a POST request to the /login endpoint. This occurs due to unsafe handling of user-supplied input...

10CVSS8.2AI score0.03884EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/07/02 1:46 p.m.9 views

CVE-2025-34073 stamparm/maltrail <=0.54 Remote Command Execution

An unauthenticated command injection vulnerability exists in stamparm/maltrail Maltrail versions =0.54. A remote attacker can execute arbitrary operating system commands via the username parameter in a POST request to the /login endpoint. This occurs due to unsafe handling of user-supplied input...

10CVSS8.8AI score0.03884EPSS
Exploits1References5
EUVD
EUVD
added 2025/07/02 1:46 p.m.9 views

EUVD-2025-19716

An unauthenticated command injection vulnerability exists in stamparm/maltrail Maltrail versions =0.54. A remote attacker can execute arbitrary operating system commands via the username parameter in a POST request to the /login endpoint. This occurs due to unsafe handling of user-supplied input...

10CVSS8.2AI score0.03884EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/07/02 1:46 p.m.14 views

CVE-2025-34073 stamparm/maltrail <=0.54 Remote Command Execution

An unauthenticated command injection vulnerability exists in stamparm/maltrail Maltrail versions =0.54. A remote attacker can execute arbitrary operating system commands via the username parameter in a POST request to the /login endpoint. This occurs due to unsafe handling of user-supplied input...

10CVSS0.03884EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/07/02 12:0 a.m.8 views

PT-2025-27631

Name of the Vulnerable Software and Affected Versions: Maltrail versions =0.54 Description: An unauthenticated command injection issue exists, allowing a remote attacker to execute arbitrary operating system commands via the username parameter in a POST request to the "/login" endpoint. This occu...

10CVSS7.7AI score0.03884EPSS
Exploits1References11
Rows per page
Query Builder