Platform: ruby
Component: oxidized-web
Fixed in: 0.15.0
CVE-2025-27590 is a critical Remote Code Execution (RCE) vulnerability affecting Oxidized Web versions 0.0 through 0.14.0. An unauthenticated attacker can exploit this flaw to gain complete control over the Linux user account under which Oxidized Web is running, potentially compromising the entire system. The vulnerability resides within the RANCID migration page and has been resolved in version 0.15.0.
The impact of CVE-2025-27590 is severe. Successful exploitation allows an attacker to execute arbitrary commands with the privileges of the Oxidized Web user. This could lead to complete system compromise, including data exfiltration, malware installation, and lateral movement within the network. Given Oxidized Web's role in network device configuration management, an attacker could potentially modify device configurations, disrupt network operations, or gain access to sensitive configuration data. The lack of authentication required for exploitation significantly broadens the attack surface.
CVE-2025-27590 was publicly disclosed on 2025-03-03. The vulnerability's ease of exploitation and the potential for significant impact suggest a medium probability of exploitation. No public proof-of-concept code has been released as of this writing, but the vulnerability's simplicity makes it likely that exploits will emerge. It is not currently listed on CISA KEV.
Organizations utilizing Oxidized Web for network device configuration management are at risk, particularly those running versions 0.0 through 0.14.0. Environments with limited network segmentation or inadequate access controls are especially vulnerable, as an attacker could potentially exploit this vulnerability from outside the internal network.
• ruby / server:
grep -r 'rancid_migration' /opt/oxidized/web/
• generic web:
curl -I http://<oxidized_server>/rancid_migration | grep Server
Disclosure
EPSS: 1.38% (80th percentile)
The primary mitigation for CVE-2025-27590 is to immediately upgrade Oxidized Web to version 0.15.0 or later. If upgrading is not immediately feasible, consider implementing temporary workarounds such as restricting access to the RANCID migration page via a firewall or web application proxy. Carefully review and restrict the permissions of the Oxidized Web user account to minimize potential damage in the event of a compromise. Monitor system logs for suspicious activity related to the RANCID migration page.
Upgrade Oxidized Web to version 0.15.0 or later. This version fixes the vulnerability that allows unauthenticated users to gain control of the Linux user account that runs Oxidized Web. The update can be performed by downloading the new version from the official repository and following the installation instructions.
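Two of the checks described above, as an added Ruby example that is not part of the advisory or of the Oxidized project: confirming from a Gemfile.lock whether the pinned oxidized-web release is below the 0.15.0 fix, and flagging access-log requests to the RANCID migration page. The Gemfile.lock excerpt and the log lines are constructed sample input; the request path /rancid_migration is taken from the advisory's curl check, and the common log format of the lines is an assumption.

```ruby
require "rubygems" # Gem::Version handles version comparison correctly

# Constructed Gemfile.lock excerpt (sample input, not from a real deployment).
SAMPLE_GEMFILE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      oxidized (0.30.1)
      oxidized-web (0.14.0)
      puma (6.4.2)
LOCK

FIXED_VERSION = Gem::Version.new("0.15.0")

# Return the oxidized-web version pinned in a Gemfile.lock, or nil if absent.
def oxidized_web_version(lockfile)
  m = lockfile.match(/^\s*oxidized-web \(([^)]+)\)/)
  m && Gem::Version.new(m[1])
end

# Vulnerable when oxidized-web is present and older than the 0.15.0 fix release.
def vulnerable_to_cve_2025_27590?(lockfile)
  v = oxidized_web_version(lockfile)
  !v.nil? && v < FIXED_VERSION
end

# Constructed access-log lines in common log format (sample input).
SAMPLE_ACCESS_LOG = <<~LOG
  10.0.0.5 - - [03/Mar/2025:10:01:02 +0000] "GET /nodes HTTP/1.1" 200 512
  198.51.100.7 - - [03/Mar/2025:10:01:09 +0000] "GET /rancid_migration HTTP/1.1" 200 1043
  198.51.100.7 - - [03/Mar/2025:10:01:15 +0000] "POST /rancid_migration HTTP/1.1" 302 0
  10.0.0.5 - - [03/Mar/2025:10:02:00 +0000] "GET /node/fetch/router1 HTTP/1.1" 200 9001
LOG

# Collect every request whose path starts with the RANCID migration page path,
# so the hits can be reviewed or forwarded to a SIEM.
def migration_page_requests(log, path: "/rancid_migration")
  log.each_line.filter_map do |line|
    m = line.match(/^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)/)
    next unless m && m[4].start_with?(path)
    { ip: m[1], time: m[2], method: m[3], path: m[4] }
  end
end

if $PROGRAM_NAME == __FILE__
  puts "vulnerable: #{vulnerable_to_cve_2025_27590?(SAMPLE_GEMFILE_LOCK)}"
  migration_page_requests(SAMPLE_ACCESS_LOG).each { |r| puts r.inspect }
end
```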
CVE-2025-27590 is a critical vulnerability in Oxidized Web versions 0.0 - 0.14.0 that allows unauthenticated users to execute arbitrary code on the system, potentially leading to complete compromise.
Yes, if you are running Oxidized Web versions 0.0 through 0.14.0, you are affected by this vulnerability. Upgrade to 0.15.0 or later immediately.
The recommended fix is to upgrade Oxidized Web to version 0.15.0 or later. If upgrading is not possible, restrict access to the RANCID migration page.
While no active exploitation has been confirmed, the vulnerability's simplicity suggests a high likelihood of exploitation in the near future.
Refer to the Oxidized Web project's official website and GitHub repository for the latest security advisories and updates: https://oxidized.io/