Security Advisory

CVE-2025-47286

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-10 18:38:40
Last updated 2025-11-10 19:47:01
Assigner GitHub_M
State PUBLISHED

Description

Combodo iTop is a web based IT service management tool. In versions prior to 2.7.13 and 3.2.2, an administrator can, by editing the configuration of the iTop instance, execute code on the server. Versions 2.7.13 and 3.2.2 escape and check the config parameter before executing a command based on it.