Medium severity6.5NVD Advisory· Published Dec 24, 2025· Updated Apr 15, 2026
CVE-2019-25257
CVE-2019-25257
Description
LogicalDOC Enterprise 7.7.4 contains multiple authenticated OS command execution vulnerabilities that allow attackers to manipulate binary paths when changing system settings. Attackers can exploit these vulnerabilities by modifying configuration parameters like antivirus.command, ocr.Tesseract.path, and other system paths to execute arbitrary system commands with elevated privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = 7.7.4
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.