11 matches found
EUVD-2025-5558
Malicious code in bioql PyPI...
Unauthorized Account Takeover
oxidized-web is vulnerable to Unauthorized Account takeover. The vulnerability is due to missing authentication in the RANCID migration page, allowing an unauthenticated user to gain control over the Linux user account running oxidized-web...
CVE-2025-27590
In oxidized-web aka Oxidized Web before 0.15.0, the RANCID migration page allows an unauthenticated user to gain control over the Linux user account that is running oxidized-web...
GHSA-JX6P-9C26-G373 Oxidized Web RANCID migration page allows unauthenticated user to gain control over Linux user account
In oxidized-web aka Oxidized Web before 0.15.0, the RANCID migration page allows an unauthenticated user to gain control over the Linux user account that is running oxidized-web...
Oxidized Web RANCID migration page allows unauthenticated user to gain control over Linux user account
In oxidized-web aka Oxidized Web before 0.15.0, the RANCID migration page allows an unauthenticated user to gain control over the Linux user account that is running oxidized-web...
CVE-2025-27590
In oxidized-web aka Oxidized Web before 0.15.0, the RANCID migration page allows an unauthenticated user to gain control over the Linux user account that is running oxidized-web...
Directory Traversal
Overview: oxidized-web is a puma+sinatra+haml webUI + REST API for oxidized. Affected versions of this package are vulnerable to Directory Traversal through the RANCID migration page. An attacker can gain control over the Linux user account running the application by exploiting this vulnerability...
Oxidized Web Path Traversal Vulnerability
Oxidized Web is a Web UI + RESTful API for Oxidized, written by the individual developer ytti. A security vulnerability exists in Oxidized Web versions prior to 0.15.0. It stems from a RANCID migration page that allows an unauthenticated user to take control of a Linux user account running oxidized-web...
PT-2025-9270 · Unknown · Oxidized-Web
Name of the Vulnerable Software and Affected Versions: oxidized-web versions prior to 0.15.0. Description: The RANCID migration page in oxidized-web allows an unauthenticated user to gain control over the Linux user account that is running oxidized-web. This issue can lead to remote code execution...
CVE-2025-27590
In oxidized-web aka Oxidized Web before 0.15.0, the RANCID migration page allows an unauthenticated user to gain control over the Linux user account that is running oxidized-web...
Oxidized Web RANCID migration page allows unauthenticated user to gain control over Linux user account
In oxidized-web aka Oxidized Web before 0.15.0, the RANCID migration page allows an unauthenticated user to gain control over the Linux user account that is running oxidized-web...