CVE-2025-70831 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A Remote Code Execution (RCE) vulnerability was found in Smanga 3.2.7 in the /php/path/rescan.php interface. The application fails to properly sanitize user-sup…
Critical CVSS: 9.8

CVE-2025-70831

A Remote Code Execution (RCE) vulnerability was found in Smanga 3.2.7 in the /php/path/rescan.php interface. The application fails to properly sanitize user-supplied input in the mediaId parameter before using it in a system shell command. This allows an unauthenticated attacker to inject arbitrary operating system commands, leading to complete server compromise.
Vendor
Lkw199711
Product
Smanga
CWE
CWE-78
Yayın Tarihi
2026-02-20 16:22:29
Güncelleme
2026-02-26 21:30:23
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-78 Smanga CRITICAL Lkw199711 2026

Referanslar

https://github.com/LX-66-LX/cve/issues/5