Unrated severityNVD Advisory· Published Nov 20, 2025· Updated Nov 21, 2025

CVE-2025-60738

Description

An issue in Ilevia EVE X1 Server Firmware Version v4.7.18.0.eden and before Logic Version v6.00 - 2025_07_21 and before allows a remote attacker to execute arbitrary code via the ping.php component does not perform secure filtering on IP parameters

Affected products

Ilevia/EVE X1 Server Firmwaredescription
Ilevia Srl./Eve X1/x5 Serverllm-fuzzy
Range: <= v4.7.18.0.eden

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000