CVE-2025-65076 - CERT CVE
ID CVE-2025-65076
Sažetak WaveView client allows users to execute restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high-privileges is able to read or delete any file on the server using path traversal in the ilog script. This script is being run with root privileges. This issue was fixed in version 6.44.44
Reference
CVSS
Base: 6.1
Impact: 5.2
Exploitability:0.9
Pristup
VektorSloženostAutentikacija
NETWORK LOW HIGH
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH NONE
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
Zadnje važnije ažuriranje 22-12-2025 - 19:11
Objavljeno 16-12-2025 - 13:15