Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-47228

In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), shell injection in the SSH connection settings allows authenticated attackers to execute system commands via crafted HTTP requests.

Published

2025-07-05T03:15:30.637

Last Modified

2025-07-08T16:18:53.607

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 6.7 (MEDIUM)

Weaknesses

Type: Secondary
CWE-78

Affected Vendors & Products

References

https://github.com/synacktiv/CVE-2025-47227_CVE-2025-47228 ([email protected])
https://www.scriptcase.net/changelog/ ([email protected])
https://www.synacktiv.com/advisories/scriptcase-pre-authenticated-remote-command-execution ([email protected])
https://github.com/synacktiv/CVE-2025-47227_CVE-2025-47228 (134c704f-9b21-4f2e-91b3-4a467353bcc0)