CVE-2025-69600
Status: Awaiting Analysis
Command Injection in Raynet rvia

Publication date: 2026-05-27

Last updated on: 2026-06-01

Assigner: MITRE

Description
Command injection in Raynet rvia RayVentory Scan Engine 12.6 Update 8 and previous versions allows adversaries to execute commands via getconfig, upload, inventory, and oracle options.
Meta Information
Published: 2026-05-27
Last Modified: 2026-06-01
Generated: 2026-06-17
AI Q&A: 2026-05-27
EPSS Evaluated: 2026-06-15
Affected Vendors & Products
1 associated CPE
Vendor: raynet | Product: rvia | Version / Range: 12.6.4392.49
CWE
CWE-77: The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
AI Quick Actions
Impact Analysis

This vulnerability allows an attacker to execute arbitrary commands or code on the affected system. This can lead to unauthorized control over the system, potentially allowing the attacker to manipulate data, install malicious software, or disrupt normal operations.

Executive Summary

This vulnerability is a command injection flaw in Raynet rvia version 12.6.4392.49-amd64.deb. It occurs because the application uses an improperly constructed find command to search for a Java executable. The search criteria are not properly terminated or sanitized, allowing an attacker to create a crafted directory path that satisfies the malformed search query. This tricks the application into executing arbitrary Java code. Unlike typical PATH manipulation, this issue arises from the application's internal search logic.

Specifically, a local attacker can exploit this by creating a crafted directory structure and path that meets the improperly terminated find query used by the application to locate a Java runtime, leading to arbitrary code execution.

Detection Guidance

This vulnerability can be detected by attempting to inject commands through the vulnerable options of the rvia component, such as getconfig, upload, inventory, and oracle.

For example, to test the getconfig option, you can try executing a command like: ./opt/rvia/rvia getconfig \; whoami \; to see if arbitrary commands are executed.

Similarly, injection can be tested via the oracle option if the Java environment is not properly configured, or through the upload option by escaping quotes and appending a hash character (#) so that the remaining arguments are treated as a comment and ignored.

Compliance Impact

The provided information does not specify how the CVE-2025-69600 vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.

Mitigation Strategies

To mitigate the CVE-2025-69600 vulnerability, immediate steps include avoiding the use of vulnerable versions of Raynet rvia (12.6.4392.49 and earlier) and restricting access to the affected command-line interfaces (getconfig, upload, inventory, oracle) to trusted users only.

Ensure that user input passed to these commands is properly sanitized or validated to prevent command injection.

If possible, update or patch the RayVentory Scan Engine to a version that addresses this vulnerability once available.

In the meantime, monitor systems for suspicious command executions that may indicate exploitation attempts.
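The mitigation steps above (validate option values, keep them out of a shell command string, monitor recorded command lines for suspicious invocations) and the find-command root cause described in the Executive Summary, as an added Python example. This is not rvia's code and does not reflect how the product actually builds its find command: the vulnerable string-splicing builder, the hardened argv builder, the allow-list pattern and the sample command lines are all constructed here for illustration.

```python
import os
import re
import subprocess

# Allow-list for an option value that will become exactly one command
# argument: path-like characters only, no whitespace or shell metacharacters.
# Constructed for this example; a real tool picks the pattern its inputs need.
SAFE_ARG = re.compile(r"[A-Za-z0-9._/+-]+")

# Shell metacharacters that should never appear inside a spliced value.
# Backslash and ';' cover the '\;' find -exec terminator; quotes and '#'
# cover the quote-escape and comment tricks mentioned in the advisory.
SHELL_META = re.compile(r"[;&|`$<>(){}\\\"'#\s]")


def build_find_unsafe(name: str) -> str:
    """Vulnerable (CWE-77) pattern: the option value is interpolated into a
    shell string. A value like 'java \\; whoami \\;' is parsed by the shell,
    so the -exec clause is terminated early and the remainder becomes a
    separate command. The string is only returned here, never executed."""
    return f"find /usr -name {name} -exec {{}} -version \\;"


def validate_arg(name: str) -> str:
    """Reject anything that is not a plain path-like token."""
    if not SAFE_ARG.fullmatch(name):
        raise ValueError(f"rejected option value: {name!r}")
    return name


def is_accepted(name: str) -> bool:
    """Convenience wrapper: True if validate_arg accepts the value."""
    try:
        validate_arg(name)
        return True
    except ValueError:
        return False


def build_find_safe(name: str) -> list:
    """Hardened form: validate the value, then build an argv list. With
    shell=False no shell ever parses it, so ';' reaches find as a literal
    -exec terminator and the value can only ever be a -name operand."""
    return ["find", "/usr", "-name", validate_arg(name),
            "-exec", "{}", "-version", ";"]


def run_find_safe(name: str) -> subprocess.CompletedProcess:
    """Execute the hardened argv without a shell."""
    return subprocess.run(build_find_safe(name), shell=False,
                          capture_output=True, text=True, check=False)


def suspicious_rvia_invocations(cmdlines):
    """Monitoring helper: given recorded process command lines (e.g. from
    execve auditing), return those that invoke rvia with an option value
    containing shell metacharacters. Other binaries are ignored."""
    flagged = []
    for line in cmdlines:
        tokens = line.split()
        if not tokens or os.path.basename(tokens[0]) != "rvia":
            continue
        if any(SHELL_META.search(tok) for tok in tokens[1:]):
            flagged.append(line)
    return flagged


# Constructed sample command lines, not real log data.
SAMPLE_CMDLINES = [
    "/opt/rvia/rvia inventory --output /tmp/inventory.xml",  # benign
    "/opt/rvia/rvia getconfig \\; whoami \\;",                # stray terminators
    "/opt/rvia/rvia upload \" ; id #",                         # quote escape + comment
    "/usr/bin/find /usr -name java -exec {} -version ;",       # not rvia, ignored
]

if __name__ == "__main__":
    print("unsafe string :", build_find_unsafe("java \\; whoami \\;"))
    print("safe argv     :", build_find_safe("java"))
    for line in suspicious_rvia_invocations(SAMPLE_CMDLINES):
        print("FLAGGED       :", line)
```

The two builders make the CWE-77 point concrete: the unsafe form hands the shell a string it must re-parse, while the safe form passes an argv list with shell=False, so the only decision left is whether the value is an acceptable -name operand, which the allow-list answers up front. The detection helper is deliberately conservative: it only looks at rvia invocations and flags any metacharacter in an option value, which is cheap to run over existing execve audit records while waiting for a fixed version.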
