What is CVE-2019-25024?

CVE-2019-25024 is a vulnerability in N/a. Published 2021-02-19.

Is CVE-2019-25024 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2019-25024

OpenRepeater (ORP) before 2.2 allows unauthenticated command injection via shell metacharacters in the functions/ajax_system.php post_service parameter.

EPSS: 0.626 (98.4th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

codexlynx/CVE-2019-25024
ARPSyndicate/cve-scores
developer3000S/PoC-in-GitHub

References

github.com/OpenRepeater/openrepeater/issues/66
github.com/codexlynx/CVE-2019-25024
github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2019-25024.md

Frequently asked questions

What is CVE-2019-25024?: CVE-2019-25024 is a vulnerability in N/a. Published 2021-02-19.
Is CVE-2019-25024 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.