Unknown · Curo Uc300 · CVE-2025-57457
**Name of the Vulnerable Software and Affected Versions**
Curo UC300 version 5.42.1.7.1.63R1
**Description**
A flaw exists within the Admin panel that permits local attackers to inject arbitrary OS Commands. The injection occurs through the `IP Addr` parameter.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.