CVE-2025-69600
BaseFortify
Publication date: 2026-05-27
Last updated on: 2026-05-27
Assigner: MITRE
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| raynet | rvia | 12.6.4392.49 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a command injection flaw in Raynet rvia version 12.6.4392.49-amd64.deb. It occurs because the application uses an improperly constructed find command to search for a Java executable. The search criteria are not properly terminated or sanitized, allowing an attacker to create a crafted directory path that satisfies the malformed search query. This tricks the application into executing arbitrary Java code. Unlike typical PATH manipulation, this issue arises from the application's internal search logic.
Specifically, a local attacker can exploit this by creating a crafted directory structure and path that meets the improperly terminated find query used by the application to locate a Java runtime, leading to arbitrary code execution.
How can this vulnerability impact me?
This vulnerability allows an attacker to execute arbitrary commands or code on the affected system. This can lead to unauthorized control over the system, potentially allowing the attacker to manipulate data, install malicious software, or disrupt normal operations.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to inject commands through the vulnerable options of the rvia component, such as getconfig, upload, inventory, and oracle.
For example, to test the getconfig option, you can try executing a command like `./opt/rvia/rvia getconfig \; whoami \;` to see if arbitrary commands are executed.
Similarly, injection can be tested via the oracle option if the Java environment is not properly configured, or through the upload option by escaping quotes and appending a hashtag (#) to ignore subsequent arguments.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided information does not specify how the CVE-2025-69600 vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.