- Description
- In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), shell injection in the SSH connection settings allows authenticated attackers to execute system commands via crafted HTTP requests.
- Source
- cve@mitre.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 6.7
- Impact score
- 5.5
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
- Severity
- MEDIUM
- cve@mitre.org
- CWE-78
- Hype score
- Not currently trending
#exploit #AppSec "ScriptCase - Pre-Authenticated RCE (CVE-2025-47227, CVE-2025-47228)", 2025. ]-> PoC Script - https://t.co/bjn5yGwrCn // Pre-auth RCE is achieved by chaining two vulnerabilities: the first is the ability to reset the administrator password of the prod consol
@ksg93rd
7 Jul 2025
66 Impressions
0 Retweets
0 Likes
2 Bookmarks
0 Replies
0 Quotes
CVE-2025-47228 Shell Injection Vulnerability in Netmake ScriptCase Production En... https://t.co/izPuOMXS6L Customizable Vulnerability Alerts: https://t.co/U7998fz7yk
@VulmonFeeds
5 Jul 2025
81 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-47228 In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), shell injection in the SSH connection settings allows authenticated attackers to … https://t.co/0dBCnqXg1e
@CVEnew
5 Jul 2025
891 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes