ГлавнаяУязвимости → CVE-2025-41674
7.2высокая

CVE-2025-41674

Описание

A high privileged remote attacker can execute arbitrary system commands via POST requests in the diagnostic action due to improper neutralization of special elements used in an OS command.

Затрагиваемое ПО
Mbconnectline Mbnet.mini firmwareMbconnectline Mbnet.mini
CVSS
Балл7.2 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Источники
https://certvde.com/de/advisories/VDE-2025-058http://seclists.org/fulldisclosure/2025/Jul/38