Security Advisory

CVE-2025-65074

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-16 12:25:15

Last updated 2025-12-16 14:38:42

Assigner CERT-PL

State PUBLISHED

Description

WaveView client allows users to execute restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high-privileges is able to execute arbitrary OS commands on the server using path traversal in the showerr script. This issue was fixed in version 6.44.44

← Browse all CVEs View on cve.org ↗