CVE-2025-52365

Name of the Vulnerable Software and Affected Versions ccurtsinger/stabilizer (affected versions not specified)

Description A command injection issue exists in the szc script of the ccurtsinger/stabilizer repository. This allows remote attackers to execute arbitrary system commands through unsanitized user input. The issue stems from the direct concatenation of command-line arguments into shell commands without proper validation, specifically using the os.system() function. The os.system() function executes system commands, and when combined with unsanitized input, it can lead to the execution of unintended commands. The vulnerable component is the szc script.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.