CVE-2025-69600: n/a
Command injection in Raynet rvia 12.6.4392.49-amd64.deb allows adversaries to execute commands via getconfig, and upload through the URL argument, and oracle through the -o flag The Supplier's perspective is that this is caused by Argument Injection in the find command query in rvia 12.6.4392.49. This in an arbitrary code execution flaw caused by an incorrectly constructed find command. The application actively searches for a Java executable by using search criteria that is not properly terminated or sanitized. By constructing a crafted directory path that satisfies the malformed search criteria, an attacker can trick the application into executing arbitrary Java code. This differs from standard PATH manipulation because it stems from the application's internal search logic. Specifically, a local attacker can create a crafted directory structure and path that satisfies an improperly terminated find query used by the application to locate a Java runtime.
AI Analysis
Technical Summary
This vulnerability involves an argument injection in the find command query within Raynet rvia 12.6.4392.49. The application attempts to locate a Java executable using search criteria that are not properly terminated or sanitized. By constructing a specially crafted directory structure and path, a local attacker can manipulate the find command to execute arbitrary Java code. This arbitrary code execution flaw results from the application's internal search logic rather than standard PATH manipulation. The vulnerability affects the specified version of Raynet rvia and allows local code execution via crafted directory paths.
Potential Impact
Successful exploitation allows a local attacker to execute arbitrary Java code on the affected system, potentially leading to unauthorized code execution with the privileges of the application. This could compromise system integrity and confidentiality depending on the application's context and privileges. There are no known public exploits or reports of active exploitation at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should restrict local access to trusted users only and monitor for suspicious activity related to directory structures used by the application. Avoid running the vulnerable version in untrusted environments. No official remediation or temporary fix has been published.
CVE-2025-69600: n/a
Description
Command injection in Raynet rvia 12.6.4392.49-amd64.deb allows adversaries to execute commands via getconfig, and upload through the URL argument, and oracle through the -o flag The Supplier's perspective is that this is caused by Argument Injection in the find command query in rvia 12.6.4392.49. This in an arbitrary code execution flaw caused by an incorrectly constructed find command. The application actively searches for a Java executable by using search criteria that is not properly terminated or sanitized. By constructing a crafted directory path that satisfies the malformed search criteria, an attacker can trick the application into executing arbitrary Java code. This differs from standard PATH manipulation because it stems from the application's internal search logic. Specifically, a local attacker can create a crafted directory structure and path that satisfies an improperly terminated find query used by the application to locate a Java runtime.
CVSS v3.1
Score 7.8high
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability involves an argument injection in the find command query within Raynet rvia 12.6.4392.49. The application attempts to locate a Java executable using search criteria that are not properly terminated or sanitized. By constructing a specially crafted directory structure and path, a local attacker can manipulate the find command to execute arbitrary Java code. This arbitrary code execution flaw results from the application's internal search logic rather than standard PATH manipulation. The vulnerability affects the specified version of Raynet rvia and allows local code execution via crafted directory paths.
Potential Impact
Successful exploitation allows a local attacker to execute arbitrary Java code on the affected system, potentially leading to unauthorized code execution with the privileges of the application. This could compromise system integrity and confidentiality depending on the application's context and privileges. There are no known public exploits or reports of active exploitation at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should restrict local access to trusted users only and monitor for suspicious activity related to directory structures used by the application. Avoid running the vulnerable version in untrusted environments. No official remediation or temporary fix has been published.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- mitre
- Date Reserved
- 2026-01-09T00:00:00.000Z
- Cvss Version
- null
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a172e7be29bf47b50d78a32
Added to database: 5/27/2026, 5:48:43 PM
Last enriched: 5/27/2026, 6:05:53 PM
Last updated: 5/29/2026, 10:14:35 AM
Views: 10
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.