PT-2025-38667 · Unknown · Cosmodiumcs Onlyrat

Unhingedazrael · Published 2025-09-21 · Updated 2025-09-24 · CVE-2025-10767

CVSS v3.1: 4.5 Medium
Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions
CosmodiumCS OnlyRAT versions prior to 3.3

Description
A vulnerability exists in CosmodiumCS OnlyRAT. The connect/remote upload/remote download function within the main.py file of the Configuration File Handler component is affected. Manipulation of the configuration["PASSWORD"] argument can lead to OS command injection. The attack requires a local approach and is considered difficult to exploit. The exploit is publicly available. The vendor was contacted but did not respond.

Recommendations
Versions prior to 3.3: Address the OS command injection issue by sanitizing or validating the configuration["PASSWORD"] argument within the connect/remote upload/remote download function in the main.py file. As a temporary workaround, restrict access to the Configuration File Handler component.
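
An added example of the recommended validation, not code from OnlyRAT or from this advisory: it contrasts a configuration value interpolated into a shell command line with an argument-vector call that keeps the password out of the command line. The sshpass/ssh command shape, the IPADDRESS and USERNAME keys, and all function names are assumptions; only configuration["PASSWORD"] comes from the advisory.

```python
import ipaddress
import os
import re
import shlex

USER_RE = re.compile(r"[a-z_][a-z0-9_-]{0,31}")

# Constructed sample configuration. Only the PASSWORD key is named by the
# advisory; IPADDRESS and USERNAME are hypothetical keys for this example.
SAMPLE = {"IPADDRESS": "192.0.2.10", "USERNAME": "onlyrat",
          "PASSWORD": 'x"; echo INJECTED #'}

def legacy_shell_string(cfg):
    """'Before' pattern (assumed): values interpolated into one shell line."""
    return (f'sshpass -p "{cfg["PASSWORD"]}" '
            f'ssh {cfg["USERNAME"]}@{cfg["IPADDRESS"]}')

def shell_tokens(command):
    """Tokenise roughly as a POSIX shell would, without executing anything."""
    return list(shlex.shlex(command, posix=True, punctuation_chars=True))

def safe_invocation(cfg):
    """'After' pattern: validated fields, argv list, password not in argv."""
    host = str(ipaddress.ip_address(cfg["IPADDRESS"]))  # ValueError if not an IP
    user = cfg["USERNAME"]
    if not USER_RE.fullmatch(user):
        raise ValueError("invalid USERNAME")
    password = cfg["PASSWORD"]
    if not password or any(ord(c) < 0x20 or ord(c) == 0x7F for c in password):
        raise ValueError("invalid PASSWORD")
    # sshpass -e reads the password from the SSHPASS environment variable,
    # so no shell ever parses it and it never appears in the process list.
    argv = ["sshpass", "-e", "ssh", f"{user}@{host}"]
    env = {**os.environ, "SSHPASS": password}
    return argv, env  # intended for subprocess.run(argv, env=env), shell=False

if __name__ == "__main__":
    # The ';' token shows the password value terminating the intended command.
    print(shell_tokens(legacy_shell_string(SAMPLE)))
    print(safe_invocation(SAMPLE)[0])
```
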

Exploit · Fix · OS Command Injection · Command Injection

Weakness Enumeration

Related Identifiers: CVE-2025-10767

Affected Products: Cosmodiumcs Onlyrat