Lucene search
K

4 matches found

Snyk
Snyk
added 2025/05/21 6:33 p.m.1 views

Arbitrary Command Injection

Overview Affected versions of this package are vulnerable to Arbitrary Command Injection via the processFile function in the wxapkg File Parser component. An attacker can execute arbitrary system commands by providing crafted input to this function. Remediation There is no fixed version for...

8.1CVSS8AI score0.02343EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/05/21 4:31 p.m.5 views

CVE-2025-5030 Ackites KillWxapkg wxapkg File Parser unpack.go processFile os command injection

A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been declared as critical. This vulnerability affects the function processFile of the file internal/unpack/unpack.go of the component wxapkg File Parser. The manipulation leads to os command injection. The attack can be initiated...

5.1CVSS5.6AI score0.02343EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/05/21 4:31 p.m.16 views

CVE-2025-5030 Ackites KillWxapkg wxapkg File Parser unpack.go processFile os command injection

A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been declared as critical. This vulnerability affects the function processFile of the file internal/unpack/unpack.go of the component wxapkg File Parser. The manipulation leads to os command injection. The attack can be initiated...

5.1CVSS0.02343EPSS
Exploits1References5
CVE
CVE
added 2025/05/21 4:31 p.m.56 views

CVE-2025-5030

CVE-2025-5030 affects Ackites KillWxapkg up to 2.4.1. The vulnerability resides in the function processFile of the file internal/unpack/unpack.go in the wxapkg file parser, enabling OS command injection . Multiple connected sources corroborate remote exploitation with high attack complexity and d...

8.1CVSS5.6AI score0.02343EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder