Unknown · Oxidized-Web · CVE-2025-27590
**Name of the Vulnerable Software and Affected Versions**
oxidized-web versions prior to 0.15.0
**Description**
The issue allows an unauthenticated user to gain control over the Linux user account running the software through the RANCID migration page.
**Recommendations**
For versions prior to 0.15.0, update to version 0.15.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the RANCID migration page until the update is applied.