AI description
CVE-2025-12548 describes a vulnerability found in the `che-machine-exec` component of Eclipse Che. This flaw stems from a lack of authentication for a critical JSON-RPC/websocket API, which is exposed on TCP port 3333. Exploitation of this vulnerability allows unauthenticated remote attackers to execute arbitrary commands within other users' Developer Workspace containers. Additionally, attackers can exfiltrate sensitive information, such as SSH keys and tokens, due to this missing authentication.
- Description: A flaw was found in Eclipse Che che-machine-exec. This vulnerability allows unauthenticated remote arbitrary command execution and secret exfiltration (SSH keys, tokens, etc.) from other users' Developer Workspace containers, via an unauthenticated JSON-RPC / websocket API exposed on TCP port 3333.
- Source: secalert@redhat.com
- NVD status: Deferred
CVSS 3.1
- Type: Secondary
- Base score: 9
- Impact score: 6
- Exploitability score: 2.3
- Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
- Severity: CRITICAL
- CWE (secalert@redhat.com): CWE-306
- Hype score: Not currently trending
Metasploit adds 3 new exploit modules including CVE-2026-23767 (ESC/POS printers), CVE-2025-12548 (Eclipse Che RCE), and CVE-2023-2868 (Barracuda ESG). Enhanced NTLM relay capabilities now support broader client compatibility. #DFIR_Radar https://t.co/qx2DMa2Rh4
@DFIR_Radar
28 Mar 2026
Metasploit adds 3 new exploit modules including CVE-2026-23767 (ESC/POS printer RCE), CVE-2025-12548 (Eclipse Che unauthenticated RCE), and CVE-2023-2868 (Barracuda ESG command injection). Enhanced NTLM relay compatibility with Linux smbclient. #DFIR_Radar https://t.co/kTThThSAH
@DFIR_Radar
28 Mar 2026
The latest #Metasploit Wrapup is here! This week brings enhanced SMB NTLM relaying for better client compatibility (including smbclient), plus new modules for RCE in Eclipse Che (CVE-2025-12548), Barracuda ESG command injection (CVE-2023-2868), and an ESC/POS printer injecto
@metasploit
27 Mar 2026
1/2 War diary from LLM-assisted pentesting: needed a vulnerable che-machine-exec instance for my Metasploit PR (CVE-2025-12548, unauth RCE in Eclipse Che). Asked Grok 4 and Claude Sonnet 4.6. Both confidently wrong.
@payloadforge
25 Feb 2026
CVE-2025-12548 - Critical A flaw was found in Eclipse Che che-machine-exec. This vulnerability allows unauthenticated remote arbitrary command execution and secret exfiltration (SSH keys, tokens, etc.) from other ... https://t.co/fCsLa8AbOb https://t.co/wOVDNNrTrr
@TheHackerWire
13 Jan 2026
[CVE-2025-12548: CRITICAL] Critical vulnerability in Eclipse Che che-machine-exec allows remote attackers to execute arbitrary commands and steal sensitive data from users' containers via unauthenticated API...#cve,CVE-2025-12548,#cybersecurity https://t.co/iRTVN0n9sN https://t.c
@CveFindCom
13 Jan 2026