Security Advisory

CVE-2024-58287

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-11 21:33:35

Last updated 2026-03-05 12:03:34

Assigner VulnCheck

State PUBLISHED

Description

reNgine 2.2.0 contains a command injection vulnerability in the nmap_cmd parameter of scan engine configuration that allows authenticated attackers to execute arbitrary commands. Attackers can modify the nmap_cmd parameter with malicious base64-encoded payloads to achieve remote code execution during scan engine configuration.

← Browse all CVEs View on cve.org ↗