Unrated severityNVD Advisory· Published Jul 21, 2025· Updated Nov 3, 2025

Remote Command Injection via GET in Cloud Server Communication Script Due to Improper Input Neutralization

CVE-2025-41675

Description

A high privileged remote attacker can execute arbitrary system commands via GET requests in the cloud server communication script due to improper neutralization of special elements used in an OS command.

Affected products

Helmholz/REX 100v5
Range: 0.0.0
MB connect line/mbNET.miniv5
Range: 0.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

certvde.com/de/advisories/VDE-2025-058mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000