PT-2025-31937 · Unknown · Ictbroadcast

Valentin Lobstein · Published 2025-08-05 · Updated 2025-10-15 · CVE-2025-2611

CVSS v4.0

9.3

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Name of the Vulnerable Software and Affected Versions

ICTBroadcast versions 7.4 and below

Description

The ICTBroadcast application improperly handles session cookie data, passing it to shell processing. This allows an attacker to inject shell commands into a session cookie, leading to unauthenticated remote code execution on the server. Approximately 200 devices are reported as exposed. The issue is currently being actively exploited in the wild. The vulnerability involves injecting commands via the BROADCAST session cookie.

Recommendations

For versions 7.4 and below, there is currently no information about a newer version that contains a fix for this vulnerability.
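
A log check for the injection path described above, as an added example that is not part of the original advisory or of ICTBroadcast. It assumes a constructed tab-separated log format (source, request, Cookie header) and that a legitimate BROADCAST value is a short alphanumeric token; the function names and sample records are chosen here.

```python
import re
from urllib.parse import unquote

COOKIE_NAME = "BROADCAST"  # cookie named in the advisory
# Assumption: a legitimate session identifier is a short alphanumeric token.
SAFE_VALUE = re.compile(r"[A-Za-z0-9,-]{1,128}")

# Constructed sample: source<TAB>request<TAB>Cookie header (not real traffic).
SAMPLE_LOG = (
    "203.0.113.10\tGET /\tBROADCAST=9f2c1ab47de05c63; lang=en\n"
    "203.0.113.77\tGET /\tBROADCAST=`example-command`\n"
    "203.0.113.78\tGET /\tlang=en; BROADCAST=abc%24%28example%29\n"
    "198.51.100.5\tGET /\tlang=en\n"
)


def cookie_values(header, name=COOKIE_NAME):
    """Return every value sent for `name` in a raw Cookie header."""
    values = []
    for pair in header.split(";"):
        key, sep, value = pair.strip().partition("=")
        if sep and key == name:
            values.append(value)
    return values


def suspicious_requests(log_text):
    """List (source, request, decoded value) for unsafe BROADCAST cookies."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split("\t")
        if len(fields) != 3:
            continue  # skip malformed records
        source, request, cookie_header = fields
        for raw in cookie_values(cookie_header):
            # Assumption: the server percent-decodes cookie values, so report
            # the value as the application would receive it.
            decoded = unquote(raw)
            if decoded and not SAFE_VALUE.fullmatch(decoded):
                hits.append((source, request, decoded))
    return hits


if __name__ == "__main__":
    for source, request, value in suspicious_requests(SAMPLE_LOG):
        print(f"{source}\t{request}\tBROADCAST={value!r}")
```

The same allowlist can be enforced at a reverse proxy in front of the application, so that non-matching BROADCAST values are rejected before they reach it.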

Exploit

RCE

Weakness Enumeration

Related Identifiers

CVE-2025-2611

Affected Products

Ictbroadcast