Unrated severityNVD Advisory· Published Feb 3, 2025· Updated Feb 12, 2025
Command Injection in reNgine
CVE-2025-24962
Description
reNgine is an automated reconnaissance framework for web applications. In affected versions a user can inject commands via the nmap_cmd parameters. This issue has been addressed in commit c28e5c8d and is expected in the next versioned release. Users are advised to filter user input and monitor the project for a new release.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <= 2.2.0
Patches
Vulnerability mechanics
References
2- github.com/yogeshojha/rengine/commit/c28e5c8d304478a787811580b4d80b330920ace4mitrex_refsource_MISC
- github.com/yogeshojha/rengine/security/advisories/GHSA-cg75-ph7x-5rr9mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.