PT-2025-26590 · Materialise · Materialise Orthoview

Joe Dillon · Published 2025-06-23 · Updated 2026-01-28 · CVE-2025-23049

CVSS v4.0: 8.4 (High)

Vector: AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:H/SC:L/SI:L/SA:L

Name of the Vulnerable Software and Affected Versions: Meridian Technique Materialise OrthoView versions through 7.5.1

Description: Meridian Technique Materialise OrthoView through version 7.5.1 is susceptible to OS Command Injection when servlet sharing is enabled. This allows for potential remote code execution and authentication bypass. The issue occurs when the application improperly handles user-supplied input, allowing attackers to inject arbitrary commands that are then executed by the operating system. The vulnerable component is related to servlet sharing functionality.

Recommendations: Versions prior to 7.5.1 should be updated. Disable servlet sharing functionality to mitigate the risk.

Fix · RCE · OS Command Injection

Weakness Enumeration

Related Identifiers: CVE-2025-23049

Affected Products: Materialise Orthoview