CVE-2025-27590
published 2025-03-03CVE-2025-27590: In oxidized-web (aka Oxidized Web) before 0.15.0, the RANCID migration page allows an unauthenticated user to gain control over the Linux user account that is…
PriorityP276critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
24.35%
97.6th percentile
In oxidized-web (aka Oxidized Web) before 0.15.0, the RANCID migration page allows an unauthenticated user to gain control over the Linux user account that is running oxidized-web.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| oxidized_web_project | oxidized_web | < 0.15.0 | 0.15.0 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Oxidized Web RANCID migration page allows unauthenticated user to gain control over Linux user account
osv·2025-03-03
CVE-2025-27590 [CRITICAL] Oxidized Web RANCID migration page allows unauthenticated user to gain control over Linux user account
Oxidized Web RANCID migration page allows unauthenticated user to gain control over Linux user account
In oxidized-web (aka Oxidized Web) before 0.15.0, the RANCID migration page allows an unauthenticated user to gain control over the Linux user account that is running oxidized-web.
GHSA
Oxidized Web RANCID migration page allows unauthenticated user to gain control over Linux user account
ghsa·2025-03-03
CVE-2025-27590 [CRITICAL] CWE-22 Oxidized Web RANCID migration page allows unauthenticated user to gain control over Linux user account
Oxidized Web RANCID migration page allows unauthenticated user to gain control over Linux user account
In oxidized-web (aka Oxidized Web) before 0.15.0, the RANCID migration page allows an unauthenticated user to gain control over the Linux user account that is running oxidized-web.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-03-03
Published