CVE-2025-51958
Command Injection in DokuWiki runcommand Plugin Allows Remote Execution
Publication date: 2026-01-30
Last updated on: 2026-02-13
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| aelsantex | runcommand | 2014-04-01 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
This vulnerability can lead to full system compromise, allowing attackers to execute any system commands remotely. This results in a high impact on confidentiality, integrity, and availability of the affected system, potentially exposing sensitive data, modifying or deleting data, and disrupting services. [2]
Can you explain this vulnerability to me?
CVE-2025-51958 is a critical command injection vulnerability in the runcommand plugin for DokuWiki, specifically in the file dokuwiki/lib/plugins/runcommand/postaction.php. It allows unauthenticated remote attackers to execute arbitrary system commands on the affected server without any privileges or user interaction. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending a crafted POST request to the vulnerable endpoint dokuwiki/lib/plugins/runcommand/postaction.php with parameters such as "rcObjectId=1&outputType1=text&command1=id". This command attempts to execute the 'id' system command remotely and returns system user and group information if the system is vulnerable. [2]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability allows unauthenticated remote attackers to execute arbitrary system commands, leading to full system compromise with high impact on confidentiality, integrity, and availability. Such a compromise can result in unauthorized access to sensitive data, potentially violating compliance requirements of standards like GDPR and HIPAA that mandate protection of personal and health information. Therefore, exploitation of this vulnerability could lead to non-compliance with these regulations due to data breaches and loss of data integrity. [2]