Security Advisory
CVE-2025-52365
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
A command injection vulnerability in the szc script of the ccurtsinger/stabilizer repository allows remote attackers to execute arbitrary system commands via unsanitized user input passed to os.system(). The vulnerability arises from improper input handling where command-line arguments are directly concatenated into shell commands without validation