CVE-2025-65076

Name of the Vulnerable Software and Affected Versions WaveView versions prior to 6.44.44

Description The WaveView client allows users to execute a limited set of predefined commands and scripts on a connected WaveStore Server. A malicious actor with elevated privileges can read or delete any file on the server due to a path traversal flaw in the ilog script. This script operates with root privileges.

Recommendations Update to version 6.44.44 or later.