Cato’s Socket WebUI is vulnerable to OS Command Injection

8.3 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:H

Description

Cato Networks’ Socket versions prior to 25 contain a command injection vulnerability that allows an authenticated attacker with access to the Socket web interface (UI) to execute arbitrary operating system commands as the root user on the Socket’s internal system.

Basic Information

ID CVE-2025-14213

Source Cato

Published Mar 31, 2026 at 11:35

Modified Mar 31, 2026 at 13:21

Affected Product

Vendor Cato Networks

Product Socket

Version 24 and below

Affected Versions Cato Networks Socket 24 and below

CWE Classification

CWE-78 CWE-20

References

support.catonetworks.com /hc/en-us/articles/33184937283357-CVE-2025-14213-Socket-WebUI-OS-Command-Injection

{
    "lastseen": "",
    "description": "Cato Networks\u2019 Socket versions prior to 25 contain a command injection vulnerability that allows an authenticated attacker with access to the Socket web interface (UI) to execute arbitrary operating system commands as the root user on the Socket\u2019s internal system.",
    "published": "2026-03-31T11:35:48.868Z",
    "modified": "2026-03-31T13:21:59.364Z",
    "type": "cve",
    "title": "Cato's Socket WebUI is vulnerable to OS Command Injection",
    "source": "Cato",
    "references": "https://support.catonetworks.com/hc/en-us/articles/33184937283357-CVE-2025-14213-Socket-WebUI-OS-Command-Injection",
    "id": "CVE-2025-14213",
    "bulletinFamily": "",
    "cwe": [
        "CWE-78",
        "CWE-20"
    ],
    "cvelist": null,
    "sourceData": "Cato Networks Socket 24 and below",
    "sourceHref": "",
    "cvss": {
        "score": 8.3,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:H",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Socket",
    "version": "24 and below",
    "vendor": "Cato Networks",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Cato’s Socket WebUI is vulnerable to OS Command Injection_CVE-2025-14213