CVE-2025-47228
BaseFortify
Publication date: 2025-07-05
Last updated on: 2025-07-08
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability (CVE-2025-47228) exists in the Production Environment extension of Netmake ScriptCase through version 9.12.006 (23). It is a shell injection flaw in the SSH connection settings that allows authenticated attackers to execute arbitrary system commands via crafted HTTP requests. Additionally, it can be chained with another vulnerability (CVE-2025-47227) that allows an attacker to reset the administrator password without authentication, enabling pre-authenticated remote command execution. The exploitation involves injecting malicious input into SSH commands, leading to remote code execution on the server. [1]
How can this vulnerability impact me? :
This vulnerability can have severe impacts as it allows attackers to execute arbitrary system commands remotely on the affected server. If combined with the related password reset vulnerability, attackers can gain full control over the production environment without prior authentication. This can lead to unauthorized access, data theft, service disruption, and potential full compromise of the server hosting ScriptCase. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected using the provided Python exploitation script which supports detection of the deployment path and attempts to identify the vulnerability. For detection, you can run the script with the deployment path detection option: `python exploit.py -u http://example.org/ -d`. This script requires Python libraries Pillow, pytesseract, requests, and beautifulsoup4. There are no specific network commands mentioned, but using this script against your ScriptCase instance can help detect the vulnerability. [1]
What immediate steps should I take to mitigate this vulnerability?
The provided text does not specify immediate mitigation steps such as patches or configuration changes. However, since the vulnerability involves shell injection in the SSH connection settings and an authentication bypass, immediate steps would generally include restricting access to the affected ScriptCase Production Environment module, monitoring for suspicious activity, and applying any available updates or patches from the vendor once released. Since no explicit mitigation instructions are given in the resources, exact steps cannot be provided.