CVE Details
Basic Information
| Title | CVE-2025-4866 |
|---|---|
| Type | cve |
| Published | 2025-05-18T08:15:18 |
| Last Seen | 2025-05-18T08:21:07 |
CVSS Information
| Base Score | 6.3 (MEDIUM) |
|---|---|
| Attack Vector | NETWORK |
| Attack Complexity | LOW |
| Privileges Required | LOW |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | LOW |
| Integrity Impact | LOW |
| Availability Impact | LOW |
AI Analysis
| AI Description | A critical vulnerability in weibocom rill-flow 0.1.18 allows authenticated attackers to inject malicious code via the Management Console, potentially leading to unauthorized access or system compromise. |
|---|---|
| AI Severity | High |
| Vendor | weibocom |
| Product | rill-flow |
| Affected Version | 0.1.18 |
Additional Information
| CVE List | CVE-2025-4866 |
|---|---|
| CWE List | CWE-94, CWE-74 |
| Bulletin Family | cve |
Description
A vulnerability was found in weibocom rill-flow 0.1.18. It has been classified as critical. Affected is an unknown function of the component Management Console. The manipulation leads to code injection. It is possible to launch…
CVSS Score Summary
Base Score: %!f(string=#) (MEDIUM)