CVE-2025-54306
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-04

Last updated on: 2025-12-16

Assigner: MITRE

Description
An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. A remote code execution vulnerability exists in the network configuration functionality, stemming from insufficient input validation when processing network configuration parameters through administrative endpoints. The application allows administrators to modify the server's network configuration through the Django application. This configuration is processed by Bash scripts (TSsetnoproxy and TSsetproxy) that write user-controlled data directly to environment variables without proper sanitization. After updating environment variables, the scripts execute a source command on /etc/environment; if an attacker injects malicious data into environment variables, this command can enable arbitrary command execution. The vulnerability begins with the /admin/network endpoint, which passes user-supplied form data as arguments to subprocess.Popen calls. The user-supplied input is then used to update environment variables in TSsetnoproxy and TSsetproxy, and finally source $environment is executed.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-04
Last Modified
2025-12-16
Generated
2026-05-07
AI Q&A
2025-12-04
EPSS Evaluated
2026-05-05
NVD
CVE-2025-54306
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
thermofisher torrent_suite_software 5.18.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-20 The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the Thermo Fisher Torrent Suite Django application 5.18.1 and allows remote code execution. It occurs because the application processes network configuration parameters through administrative endpoints without proper input validation. Specifically, user-supplied data is passed to Bash scripts that set environment variables without sanitization. These scripts then execute a source command on /etc/environment, which can be exploited by an attacker to inject malicious commands and execute arbitrary code on the server.


How can this vulnerability impact me? :

This vulnerability can allow an attacker with access to the administrative network configuration endpoint to execute arbitrary commands on the server remotely. This could lead to full compromise of the server, unauthorized access to sensitive data, disruption of services, or further attacks within the network.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart