CVE-2025-7788 | Xuxueli xxl-job up to 3.1.1 SampleXxlJob.java commandJobHandler os command injection (Issue 3750)

Inserito da Angelo Barbosa | Lug 18, 2025 | CVE

A vulnerability has been found in Xuxueli xxl-job up to 3.1.1 and classified as critical. Affected by this vulnerability is the function commandJobHandler of the file srcmainjavacomxxljobexecutorservicejobhandlerSampleXxlJob.java. The manipulation leads to os command injection.

This vulnerability is known as CVE-2025-7788. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2025-7788 | Xuxueli xxl-job up to 3.1.1 SampleXxlJob.java commandJobHandler os command injection (Issue 3750)

Post correlati

CVE-2023-41603 | D-Link R15 prior 1.08.02 IPv6 access control

CVE-2024-43328 | WPDeveloper EmbedPress Plugin up to 4.0.9 on WordPress path traversal

CVE-2024-51156 | 07FLY FlyCMS 1.3.9 del.html?id=93 cross-site request forgery

CVE-2025-4691 | Free Booking Plugin for Hotels, Restaurants and Car Rentals Plugin view_request_details resource injection