Lucene search
K

7 matches found

Packet Storm
Packet Storm
added 2026/02/27 12:0 a.m.127 views

📄 ZAI-Shell P2P Command Injection

This Metasploit module targets a command injection vulnerability in ZAI-Shell when running in noaimode. The exploit communicates over a plaintext P2P protocol default port 5757 and sends crafted JSON messages to execute arbitrary system commands on the target. The module includes an enhanced...

6.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/11 1:33 a.m.5 views

CVE-2026-25807

ZAI Shell is an autonomous SysOps agent designed to navigate, repair, and secure complex environments. Prior to 9.0.3, the P2P terminal sharing feature share start opens a TCP socket on port 5757 without any authentication mechanism. Any remote attacker can connect to this port using a simple...

8.8CVSS6AI score0.0064EPSS
Exploits2References1
NVD
NVD
added 2026/02/09 10:16 p.m.6 views

CVE-2026-25807

ZAI Shell is an autonomous SysOps agent designed to navigate, repair, and secure complex environments. Prior to 9.0.3, the P2P terminal sharing feature share start opens a TCP socket on port 5757 without any authentication mechanism. Any remote attacker can connect to this port using a simple...

8.8CVSS0.0064EPSS
Exploits2References3
ATTACKERKB
ATTACKERKB
added 2026/02/09 9:46 p.m.5 views

CVE-2026-25807

ZAI Shell is an autonomous SysOps agent designed to navigate, repair, and secure complex environments. Prior to 9.0.3, the P2P terminal sharing feature share start opens a TCP socket on port 5757 without any authentication mechanism. Any remote attacker can connect to this port using a simple...

8.8CVSS6AI score0.0064EPSS
Exploits2References4Affected Software1
Cvelist
Cvelist
added 2026/02/09 9:46 p.m.29 views

CVE-2026-25807 Unauthenticated Remote Code Execution via P2P Sharing in ZAI-Shell

ZAI Shell is an autonomous SysOps agent designed to navigate, repair, and secure complex environments. Prior to 9.0.3, the P2P terminal sharing feature share start opens a TCP socket on port 5757 without any authentication mechanism. Any remote attacker can connect to this port using a simple...

8.8CVSS0.0064EPSS
Exploits2References3
Vulnrichment
Vulnrichment
added 2026/02/09 9:46 p.m.5 views

CVE-2026-25807 Unauthenticated Remote Code Execution via P2P Sharing in ZAI-Shell

ZAI Shell is an autonomous SysOps agent designed to navigate, repair, and secure complex environments. Prior to 9.0.3, the P2P terminal sharing feature share start opens a TCP socket on port 5757 without any authentication mechanism. Any remote attacker can connect to this port using a simple...

8.8CVSS6AI score0.0064EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2026/02/09 12:0 a.m.5 views

PT-2026-7176

Name of the Vulnerable Software and Affected Versions ZAI Shell versions prior to 9.0.3 Description ZAI Shell, an autonomous SysOps agent, has an issue in its P2P terminal sharing feature share start. Before version 9.0.3, this feature opens a TCP socket on port 5757 without authentication. A...

8.8CVSS5.9AI score0.0064EPSS
Exploits2References9
Rows per page
Query Builder