GHSA-5jjw-fvhq-mw36
GitHub Security Advisory
⚠ Unreviewed
CRITICAL
Has CVE
Advisory Details
Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a vulnerability in its authentication mechanism. Unsanitized input is passed to a system() call for authentication, allowing attackers to inject special characters and manipulate command parsing. Due to the binary's interpretation of non-zero exit codes as successful authentication, remote attackers can bypass authentication and gain full access to the system.
Related CVEs
Key Information
9.0
/10
Dataset
Last updated: September 18, 2025 6:29 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.