PT-2025-49043 · Thermo Fisher · Torrent Suite

Published: 2025-12-04 · Updated: 2025-12-16 · CVE-2025-54306

CVSS v3.1: 7.2 (High)
Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Thermo Fisher Torrent Suite Django application version 5.18.1

Description: A remote code execution issue exists in the network configuration functionality due to inadequate input validation when handling network configuration parameters via administrative endpoints. The application permits administrators to alter the server's network configuration through the Django application. This configuration is processed by Bash scripts (TSsetnoproxy and TSsetproxy) that write user-controlled data directly into environment variables without sufficient sanitization. Because a source command is then run on /etc/environment, an attacker who injects shell syntax into those variable values can achieve arbitrary command execution. The vulnerability originates at the /admin/network endpoint, which passes user-supplied form data as arguments to subprocess.Popen calls. This input is then used to update environment variables within TSsetnoproxy and TSsetproxy, followed by the execution of source /etc/environment.

Recommendations: Update to a newer version that contains a fix for this vulnerability.
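The hardening a defender would want for the flow described above, as an added example that is not Torrent Suite's own code (the setter script path and the function names are assumptions): the proxy value is validated against a strict allow-list before it reaches subprocess, and /etc/environment entries are rendered in a form that source treats as data rather than shell syntax.

```python
import re
import shlex
from urllib.parse import urlsplit

# Host grammar for the allow-list: letters, digits, dots and hyphens only.
_HOST_RE = re.compile(r"^[A-Za-z0-9.-]+$")
_VAR_NAME_RE = re.compile(r"^[A-Z_][A-Z0-9_]*$")
# Hypothetical path of the setter script; the real location is not on the page.
SETTER_SCRIPT = "/usr/local/bin/TSsetproxy"

class InvalidProxy(ValueError):
    """Raised when a submitted proxy setting fails the allow-list."""

def validate_proxy(value: str) -> str:
    """Accept only scheme://host[:port] (http or https) and return it normalised.
    Credentials, paths, queries, whitespace and control characters are rejected,
    so nothing a shell could interpret (; $( ) ` newline quotes) can get through."""
    if any(c.isspace() or ord(c) < 32 for c in value):
        raise InvalidProxy("whitespace or control characters are not allowed")
    parts = urlsplit(value)
    if parts.scheme not in ("http", "https"):
        raise InvalidProxy("scheme must be http or https")
    if parts.username is not None or parts.password is not None:
        raise InvalidProxy("credentials are not accepted in the proxy URL")
    if parts.path not in ("", "/") or parts.query or parts.fragment:
        raise InvalidProxy("only scheme://host[:port] is accepted")
    if not parts.hostname or not _HOST_RE.match(parts.hostname):
        raise InvalidProxy("host contains characters outside the allow-list")
    port = parts.port  # raises ValueError when the port is not a plain integer
    netloc = parts.hostname if port is None else f"{parts.hostname}:{port}"
    return f"{parts.scheme}://{netloc}"

def environment_line(name: str, value: str) -> str:
    """Render NAME=value for /etc/environment so that `source` sees opaque data:
    shlex.quote single-quotes anything outside the shell-safe character set,
    which suppresses expansion and command substitution. Validated proxy values
    only contain safe characters, so the quoting is defence in depth."""
    if not _VAR_NAME_RE.match(name):
        raise ValueError("invalid environment variable name")
    return f"{name}={shlex.quote(value)}"

def set_proxy_argv(value: str) -> list:
    """Build the argv for the setter: a list (no shell=True), with the validated
    proxy as a single argument, so the value can never be re-parsed as a command."""
    return [SETTER_SCRIPT, validate_proxy(value)]
```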

Fix

RCE

Weakness Enumeration

Related Identifiers: CVE-2025-54306

Affected Products: Django, Torrent Suite