An authenticated user can perform command injection via unsanitized input to the NetFax Server’s ping functionality via the /test.php endpoint.
Metrics
Affected Vendors & Products
References
History
Thu, 29 May 2025 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 29 May 2025 13:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An authenticated user can perform command injection via unsanitized input to the NetFax Server’s ping functionality via the /test.php endpoint. | |
Title | MICI Network Co. Ltd. NetFax Server Command Injection | |
Weaknesses | CWE-78 | |
References |
| |
Metrics |
cvssV4_0
|

Status: PUBLISHED
Assigner: rapid7
Published: 2025-05-29T12:36:13.667Z
Updated: 2025-05-29T13:15:14.119Z
Reserved: 2025-05-15T13:38:26.770Z
Link: CVE-2025-48047

Updated: 2025-05-29T13:14:58.953Z

Status : Awaiting Analysis
Published: 2025-05-29T13:15:25.887
Modified: 2025-05-29T14:29:50.247
Link: CVE-2025-48047

No data.