GuanxingLu vlarl ZeroMQ reasoning_server.py run_reasoning_server deserialization_CVE-2025-10975

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was found in GuanxingLu vlarl up to 31abc0baf53ef8f5db666a1c882e1ea64def2997. This vulnerability affects the function experiments.robot.bridge.reasoning_server::run_reasoning_server of the file experiments/robot/bridge/reasoning_server.py of the component ZeroMQ. Performing manipulation of the argument Message results in deserialization. Remote exploitation of the attack is possible. The exploit has been made public and could be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided.

Basic Information

ID CVE-2025-10975

Source VulDB

Published Sep 25, 2025 at 21:32

Affected Product

Vendor GuanxingLu

Product vlarl

Version 31abc0baf53ef8f5db666a1c882e1ea64def2997

Affected Versions GuanxingLu vlarl 31abc0baf53ef8f5db666a1c882e1ea64def2997

CWE Classification

CWE-502 CWE-20

References

{
    "lastseen": "",
    "description": "A vulnerability was found in GuanxingLu vlarl up to 31abc0baf53ef8f5db666a1c882e1ea64def2997. This vulnerability affects the function experiments.robot.bridge.reasoning_server::run_reasoning_server of the file experiments/robot/bridge/reasoning_server.py of the component ZeroMQ. Performing manipulation of the argument Message results in deserialization. Remote exploitation of the attack is possible. The exploit has been made public and could be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided.",
    "published": "2025-09-25T21:32:07.791Z",
    "modified": "2025-09-25T21:32:07.791Z",
    "type": "cve",
    "title": "GuanxingLu vlarl ZeroMQ reasoning_server.py run_reasoning_server deserialization",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.325846\nhttps://vuldb.com/?ctiid.325846\nhttps://vuldb.com/?submit.653279\nhttps://github.com/GuanxingLu/vlarl/issues/18\nhttps://github.com/GuanxingLu/vlarl/issues/18#issue-3408978610",
    "id": "CVE-2025-10975",
    "bulletinFamily": "",
    "cwe": [
        "CWE-502",
        "CWE-20"
    ],
    "cvelist": null,
    "sourceData": "GuanxingLu vlarl 31abc0baf53ef8f5db666a1c882e1ea64def2997",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "vlarl",
    "version": "31abc0baf53ef8f5db666a1c882e1ea64def2997",
    "vendor": "GuanxingLu",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}