CVE-2025-64124

High CVSS: 8.7

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows OS Command Injection.This issue affects Multi-Stack Controller (MSC): before 2.5.1.

Vendor

Nuvationenergy

Product

Nplatform

CWE

CWE-78

Yayın Tarihi

2026-01-03 01:15:42

Güncelleme

2026-02-26 19:59:52

Source Identifier

ot-cert@dragos.com

KEV Date Added

Kategoriler

CWE-78 Nplatform HIGH Nuvationenergy 2026

Referanslar

https://www.dragos.com/community/advisories/CVE-2025-64119

Benzer Kayıtlar

Critical

CVE-2025-64120

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Nuvation Ene…

Critical

CVE-2025-64121

Authentication Bypass Using an Alternate Path or Channel vulnerability in Nuvation Energy Multi-Stack Controller (MSC) a…

High

CVE-2025-64122

Insufficiently Protected Credentials vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows Signature Spoo…

High

CVE-2025-64123

Unintended Proxy or Intermediary vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows Network Boundary B…