CVE-2025-32778

Name of the Vulnerable Software and Affected Versions Web-Check versions (affected versions not specified)

Description A command injection issue exists in the screenshot API of the Web Check project, stemming from user-controlled input (url) being passed unsanitized into a shell command using exec(), allowing attackers to execute arbitrary system commands on the underlying host. This could be exploited by sending crafted url parameters to extract files or even establish remote access.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.