CVE-2025-49008 | Atheos up to 6.0.3 execute.php escapeshellcmd os command injection (GHSA-rwc2-4q8c-xj48)

Inserito da Angelo Barbosa | Giu 5, 2025 | CVE

A vulnerability was found in Atheos up to 6.0.3. It has been rated as critical. This issue affects the function escapeshellcmd of the file /components/codegit/traits/execute.php. The manipulation leads to os command injection.

The identification of this vulnerability is CVE-2025-49008. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-49008 | Atheos up to 6.0.3 execute.php escapeshellcmd os command injection (GHSA-rwc2-4q8c-xj48)

Post correlati

CVE-2024-52412 | Stephen Cui Xin Plugin up to 1.0.8.1 on WordPress deserialization

CVE-2024-52951 | Omada Identity up to 15 Access Request History cross site scripting

CVE-2024-2716 | Campcodes Complete Online DJ Booking System 1.0 /admin/contactus.php email cross site scripting

CVE-2024-39715 | Veeam Service Provider Console up to 8.0.0.19552 REST API unrestricted upload (kb4649)