Platform
other
Component
actadur
Fixed in
v2.0.2.0
CVE-2025-3621 describes a critical Remote Code Execution (RCE) vulnerability discovered in ActADUR, a local server product developed by ProTNS. This vulnerability allows attackers to execute arbitrary code on affected systems due to issues like command injection and improper authentication. Versions 2.0.1.9 through 2.0.2.0 are vulnerable, and a fix is available in version 2.0.2.0 and later.
The impact of CVE-2025-3621 is severe. Successful exploitation allows an attacker to execute arbitrary code with the privileges of the ActADUR process. This could lead to complete system compromise, data exfiltration, and potential lateral movement within the network. The presence of hardcoded credentials further exacerbates the risk, potentially providing an easy entry point for attackers. The vulnerability's command injection nature mirrors the severity seen in other RCE vulnerabilities, enabling attackers to bypass security controls and gain unauthorized access.
CVE-2025-3621 has been published on 2025-07-15. The vulnerability's critical severity and the presence of multiple exploitable factors (command injection, hardcoded credentials) suggest a potential for active exploitation. Public proof-of-concept exploits are currently unknown, but the ease of exploitation associated with command injection vulnerabilities increases the likelihood of such exploits emerging. Monitor security advisories and threat intelligence feeds for updates.
Exploit Status
EPSS
0.32% (54% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2025-3621 is to immediately upgrade ActADUR to version 2.0.2.0 or a later version. If upgrading is not immediately feasible, consider isolating the ActADUR server from the network to limit potential exposure. While a direct workaround for command injection is unlikely, reviewing and restricting network access to the ActADUR server can reduce the attack surface. Monitor system logs for suspicious activity related to ActADUR, focusing on command execution attempts. After upgrading, confirm the fix by attempting to trigger the vulnerable functionality and verifying that the execution is blocked.
Update ActADUR to version 2.0.2.0 or higher. This update addresses the remote code execution, command injection, use of hard-coded credentials, improper authentication, and binding to an unrestricted IP address vulnerabilities. The update is critical to protect your system.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2025-3621 is a critical Remote Code Execution vulnerability affecting ActADUR versions 2.0.1.9 through 2.0.2.0, allowing attackers to execute code on the host system.
If you are running ActADUR version 2.0.1.9 through 2.0.2.0, you are vulnerable to this RCE vulnerability.
Upgrade ActADUR to version 2.0.2.0 or later to resolve this vulnerability. If immediate upgrade is not possible, isolate the server and monitor logs.
While no public exploits are currently known, the vulnerability's severity and ease of exploitation suggest a potential for active exploitation.
Refer to the official ProTNS security advisory for detailed information and updates regarding CVE-2025-3621.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.