PT-2025-29540 · Protns · Actadur
Published
2025-07-15
·
Updated
2025-07-30
·
CVE-2025-3621
CVSS v3.1
9.6
Critical
| Vector | AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L |
Name of the Vulnerable Software and Affected Versions
ActADUR versions 2.0.1.9 through 2.0.1.9
Description
The ActADUR local server product, developed and maintained by ProTNS, allows for Remote Code Inclusion on host systems. The vulnerability has been rated as critical and includes issues such as improper neutralization of special elements used in a command (Command Injection), use of hard-coded credentials, improper authentication, and binding to an unrestricted IP address.
Recommendations
Update to version 2.0.2.0 or above.
Fix
Improper Authentication
Using Hardcoded Credentials
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Actadur