Unrated severityNVD Advisory· Published Oct 24, 2025· Updated Oct 24, 2025
CVE-2025-60938
CVE-2025-60938
Description
Emoncms 11.7.3 has a remote code execution vulnerability in the firmware upload feature that allows authenticated users to execute arbitrary commands on the target system. The vulnerability stems from insufficient input validation of user-controlled parameters including filename, port, baud_rate, core, and autoreset within the /admin/upload-custom-firmware endpoint.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Emoncms/Emoncmsdescription
- Range: <=11.7.3
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.