Vulnerability Description
A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that could cause remote command execution by a privileged account when the server is accessed via a console and through exploitation of the hostname input.
Related Weaknesses (CWE)
References
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-189-01&p_enDoc
- http://seclists.org/fulldisclosure/2025/Jul/8
- http://seclists.org/fulldisclosure/2025/Jul/9
FAQ
What is CVE-2025-50123?
CVE-2025-50123 is a documented vulnerability. A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that could cause remote command execution by a privileged account when the server is accessed via a console an...
How severe is CVE-2025-50123?
CVSS scoring is not yet available for CVE-2025-50123. Check NVD for updates.
Is there a patch for CVE-2025-50123?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.