Platform
ruby
Component
oxidized-web
Fixed version
0.15.0
CVE-2025-27590 is a critical Remote Code Execution (RCE) vulnerability in Oxidized Web (the oxidized-web gem that provides the web UI for Oxidized), affecting versions 0.0 through 0.14.0. An unauthenticated attacker who can reach the web UI can exploit the flaw to take control of the Linux user account under which Oxidized Web runs; if that account holds broader privileges or credentials, the whole host may be compromised. The vulnerability resides in the RANCID migration page and is fixed in version 0.15.0.
The impact of CVE-2025-27590 is severe. Successful exploitation lets an attacker execute arbitrary commands with the privileges of the Oxidized Web user. That can lead to full system compromise, including data exfiltration, malware installation, and lateral movement within the network. Because Oxidized manages network device configurations, and its configuration and credential source typically contain the login credentials for every managed device, an attacker could read or modify device configurations, disrupt network operations, or pivot to the devices themselves. Since no authentication is required, every instance whose web UI is reachable by the attacker is exposed.
CVE-2025-27590 was publicly disclosed on 2025-03-03. The flaw is easy to exploit and the impact is high, but as of this writing the EPSS score is 1.38% (80th percentile), no public proof-of-concept code has been released, and the CVE is not listed on CISA KEV. Given its simplicity, public exploits are likely to emerge, so treat the probability of exploitation as moderate and rising.
Organizations using Oxidized Web for network device configuration management are at risk if they run versions 0.0 through 0.14.0. Environments with limited network segmentation or inadequate access controls are especially exposed, because the web UI, and with it the RANCID migration page, may be reachable from outside the internal network, or from any compromised host inside it.
• ruby / server (adjust the path to the local oxidized-web install; finding the route only shows the page is deployed, so confirm exposure by checking the installed gem version against 0.15.0):
grep -r 'rancid_migration' /opt/oxidized/web/
• generic web:
curl -I http://<oxidized_server>/rancid_migration | grep Server
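The checks above locate the page but not the installed release. The following Ruby script, added here as an example and not part of the oxidized-web project, reads a Gemfile.lock and reports whether the pinned oxidized-web version falls in the affected range (< 0.15.0), using RubyGems' own version comparison so that releases such as 0.9.0 and 0.14.0 sort correctly. The lockfile embedded in the script is constructed for illustration; the gem versions in it are not taken from any real deployment.

```ruby
# Added example (not from the oxidized-web project): decide whether a Gemfile.lock
# pins an oxidized-web release affected by CVE-2025-27590 (versions < 0.15.0).
AFFECTED = Gem::Requirement.new("< 0.15.0")

# Returns the oxidized-web version string pinned in the lockfile text, or nil.
# Gemfile.lock lists resolved gems under "specs:" as "    name (version)"
# (four-space indent); their dependencies are indented two spaces deeper.
def oxidized_web_version(lockfile_text)
  lockfile_text.each_line do |line|
    m = line.match(/\A {4}oxidized-web \(([^)\s]+)\)\s*\z/)
    return m[1] if m
  end
  nil
end

# Returns :vulnerable, :fixed or :not_installed.
def cve_2025_27590_status(lockfile_text)
  version = oxidized_web_version(lockfile_text)
  return :not_installed if version.nil?

  AFFECTED.satisfied_by?(Gem::Version.new(version)) ? :vulnerable : :fixed
end

# Constructed sample lockfile for the example; not a real deployment's file.
SAMPLE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      oxidized (0.30.1)
      oxidized-web (0.14.0)
        oxidized (~> 0.30)
        sinatra (~> 3.0)
      sinatra (3.2.0)

  PLATFORMS
    ruby

  DEPENDENCIES
    oxidized
    oxidized-web
LOCK

if __FILE__ == $PROGRAM_NAME
  # Usage: ruby check_oxidized_web.rb [path/to/Gemfile.lock]
  # Without an argument the constructed sample lockfile is checked.
  path = ARGV[0]
  text = path && File.file?(path) ? File.read(path) : SAMPLE_LOCK
  puts "oxidized-web #{oxidized_web_version(text).inspect}: #{cve_2025_27590_status(text)}"
end
```

Run it against the lockfile of the application that bundles oxidized-web (or against `gem list oxidized-web` output after adapting the regex). A result of :not_installed means oxidized-web is not a resolved dependency of that bundle; it does not rule out a separate installation elsewhere on the host.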
Exploitation status
EPSS
1.38% (80th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-27590 is to upgrade Oxidized Web to version 0.15.0 or later immediately. If upgrading is not immediately feasible, restrict access to the RANCID migration page with a firewall or a web application proxy, and make sure the proxy is the only path to the application (for example by binding Oxidized Web to the loopback interface), since a rule on the proxy does nothing if the app port is reachable directly. Review and minimise the privileges of the Oxidized Web user account, and keep device credentials readable only by that account, to limit the damage of a compromise. Monitor web server and system logs for requests to the RANCID migration page, especially from unexpected sources.
Update Oxidized Web to 0.15.0 or later. This version fixes the vulnerability that allowed unauthenticated users to gain control of the Linux user account running Oxidized Web. The update can be performed by installing the new gem release from the official repository and following the installation instructions.
CVE-2025-27590 is a critical vulnerability in Oxidized Web versions 0.0 - 0.14.0 that allows unauthenticated users to execute arbitrary code on the system, potentially leading to complete compromise.
Yes, if you are running Oxidized Web versions 0.0 through 0.14.0, you are affected by this vulnerability. Upgrade to 0.15.0 or later immediately.
The recommended fix is to upgrade Oxidized Web to version 0.15.0 or later. If upgrading is not possible, restrict access to the RANCID migration page.
While no active exploitation has been confirmed and no public proof-of-concept is known as of this writing, the vulnerability's simplicity suggests that exploitation is likely to follow; patching should not wait for that.
Refer to the Oxidized Web project's official website and GitHub repository for the latest security advisories and updates: https://oxidized.io/