Unrated severityNVD Advisory· Published Dec 11, 2025· Updated Mar 5, 2026
reNgine 2.2.0 Authenticated Command Injection via Scan Engine Configuration
CVE-2024-58287
Description
reNgine 2.2.0 contains a command injection vulnerability in the nmap_cmd parameter of scan engine configuration that allows authenticated attackers to execute arbitrary commands. Attackers can modify the nmap_cmd parameter with malicious base64-encoded payloads to achieve remote code execution during scan engine configuration.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- www.exploit-db.com/exploits/52081mitreexploit
- www.vulncheck.com/advisories/rengine-authenticated-command-injection-via-scan-engine-configurationmitrethird-party-advisory
- rengine.wikimitreproduct
News mentions
0No linked articles in our index yet.