CVE-2025-59741: CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection') in AndSoft e-TMS
Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The injection point is the 'm' parameter in '/CLT/LOGINERRORFRM.ASP'.
AI Analysis
Technical Summary
CVE-2025-59741 is a critical operating system command injection vulnerability in AndSoft's e-TMS, a transportation management system, affecting version 25.03. The root cause is improper neutralization of special elements used in a command (CWE-77): the 'm' parameter of the '/CLT/LOGINERRORFRM.ASP' endpoint, which handles POST requests, reaches an OS command without adequate validation or sanitization, so an attacker can craft a request that executes arbitrary commands with the privileges of the web server process. The CVSS 4.0 base score is 9.3 (critical), reflecting high impact and ease of exploitation: no authentication or user interaction is required, and the flaw is reachable remotely over the network. No patches or fixes have been published yet, and no exploitation in the wild was known at the time of reporting. Even so, the severity and the nature of command injection make this a high-risk issue that could lead to full system compromise, data theft, or disruption of services.
Potential Impact
For European organizations using AndSoft's e-TMS v25.03, this vulnerability poses a significant risk. Successful exploitation could allow attackers to execute arbitrary commands on the server, potentially leading to unauthorized access to sensitive transportation management data, disruption of logistics operations, and lateral movement within the corporate network. Given that e-TMS is likely used by companies involved in supply chain and transportation management, the impact could extend to critical infrastructure sectors, affecting operational continuity and data confidentiality. Additionally, the compromise of such systems could facilitate further attacks such as ransomware deployment or espionage. The lack of authentication and user interaction requirements increases the risk of automated exploitation attempts. Organizations may face regulatory consequences under GDPR if personal or sensitive data is exposed or compromised due to this vulnerability.
Mitigation Recommendations
Until AndSoft releases an official patch, the most direct mitigation is strict input validation of the 'm' parameter handled by '/CLT/LOGINERRORFRM.ASP', rejecting any value that does not match the format the application expects. Where that validation cannot be applied in the application itself, a Web Application Firewall (WAF) with custom rules for this parameter can detect and block suspicious payloads, bearing in mind that a WAF reduces exposure but does not remove the underlying flaw. Network segmentation should limit access to the e-TMS server to trusted internal users and systems only. Logging and monitoring of POST requests to the vulnerable endpoint should be enhanced so that exploitation attempts are detected. Organizations should also review the security of their e-TMS deployments, prepare incident response plans in case of compromise, and engage with AndSoft for timely updates and patches. If feasible, temporarily disabling or restricting access to the vulnerable functionality until a fix is available further reduces risk.
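As an added illustration of the validation and monitoring steps above (example code written for this page, not AndSoft's own), the following Python applies an allowlist check to the 'm' parameter and flags POST requests to the affected endpoint whose 'm' value carries shell metacharacters or falls outside the allowlist. The allowlist shape and the sample requests are assumptions, since the advisory does not document what legitimate values of 'm' look like.

```python
import re
from urllib.parse import parse_qs

# Endpoint and parameter come from the advisory. The allowlist shape (a short
# alphanumeric token) is an assumption: the advisory does not say what
# legitimate values of 'm' look like, so adjust it to the real format.
VULN_PATH = "/CLT/LOGINERRORFRM.ASP"
PARAM = "m"
ALLOWED = re.compile(r"[A-Za-z0-9_-]{1,32}")
# Characters that let a value break out of a shell command line (CWE-77).
SHELL_META = re.compile(r"[;&|`$<>\n\r]")

def is_valid_m(value: str) -> bool:
    """Allowlist check a hardened handler applies before 'm' reaches any command."""
    return ALLOWED.fullmatch(value) is not None

def flag_request(method: str, path: str, body: str):
    """Return a reason if the request looks like an attempt against the flaw, else None.
    Only POSTs to the affected endpoint are inspected, as the advisory describes;
    the path comparison is case-insensitive because IIS paths are."""
    if method.upper() != "POST" or path.upper() != VULN_PATH:
        return None
    # parse_qs percent-decodes once, so encoded metacharacters are caught too.
    for value in parse_qs(body, keep_blank_values=True).get(PARAM, []):
        if SHELL_META.search(value):
            return f"shell metacharacter in '{PARAM}'"
        if not is_valid_m(value):
            return f"'{PARAM}' outside allowlist"
    return None

def scan(records):
    """Run flag_request over (method, path, body) tuples; return [(index, reason)]."""
    hits = []
    for i, (method, path, body) in enumerate(records):
        reason = flag_request(method, path, body)
        if reason:
            hits.append((i, reason))
    return hits

# Constructed sample requests for the demo, not real traffic.
SAMPLE_REQUESTS = [
    ("POST", "/CLT/LOGINERRORFRM.ASP", "m=LOGIN01&lang=en"),  # benign
    ("POST", "/clt/loginerrorfrm.asp", "m=x%3Bls"),           # ';' percent-encoded
    ("GET", "/CLT/LOGINERRORFRM.ASP", ""),                     # not a POST, out of scope
    ("POST", "/CLT/LOGINERRORFRM.ASP", "m=" + "A" * 40),       # longer than the allowlist
]
if __name__ == "__main__":
    for idx, reason in scan(SAMPLE_REQUESTS):
        print(f"request {idx}: {reason}")
```

The same checks can feed a WAF rule or a SIEM query; on a real deployment, replace the allowlist pattern with the format the application actually uses for 'm'.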
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Belgium, Poland, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: INCIBE
- Date Reserved: 2025-09-19T11:43:12.302Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 68de8a13d034459bbdfb0c67
Added to database: 10/2/2025, 2:20:03 PM
Last enriched: 10/2/2025, 2:20:55 PM
Last updated: 11/14/2025, 1:50:42 AM