CVE-2025-9174

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: neurobin shc versions prior to 4.0.4

Description: A vulnerability exists in neurobin shc up to version 4.0.3. This issue affects the make function within the src/shc.c file of the Filename Handler component. Manipulation of this function can lead to OS command injection. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized.

Recommendations: Update neurobin shc to version 4.0.4 or later.

Exploit

Fix

OS Command Injection

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78CWE-77

Related Identifiers

CVE-2025-9174

Affected Products

Neurobin Shc

CVE-2025-9174

Weakness Enumeration

Related Identifiers

Affected Products

References · 11