4 matches found
Arbitrary Command Injection
Overview Affected versions of this package are vulnerable to Arbitrary Command Injection via the processFile function in the wxapkg File Parser component. An attacker can execute arbitrary system commands by providing crafted input to this function. Remediation There is no fixed version for...
CVE-2025-5030 Ackites KillWxapkg wxapkg File Parser unpack.go processFile os command injection
A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been declared as critical. This vulnerability affects the function processFile of the file internal/unpack/unpack.go of the component wxapkg File Parser. The manipulation leads to os command injection. The attack can be initiated...
CVE-2025-5030 Ackites KillWxapkg wxapkg File Parser unpack.go processFile os command injection
A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been declared as critical. This vulnerability affects the function processFile of the file internal/unpack/unpack.go of the component wxapkg File Parser. The manipulation leads to os command injection. The attack can be initiated...
CVE-2025-5030
CVE-2025-5030 affects Ackites KillWxapkg up to 2.4.1. The vulnerability resides in the function processFile of the file internal/unpack/unpack.go in the wxapkg file parser, enabling OS command injection . Multiple connected sources corroborate remote exploitation with high attack complexity and d...