What is CVE-2025-57791?

CVE-2025-57791 is a vulnerability in Commvault Commcell, classified under Argument Injection. Published 2025-08-20.

Is CVE-2025-57791 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Commvault Commcell

CVE-2025-57791

A security vulnerability has been identified that allows remote attackers to inject or manipulate command-line arguments passed to internal components due to insufficient input validation. Successful exploitation results in a valid user se…

EPSS: 0.378 (97.3th percentile) — read the EPSS interpretation.

Affected products

Commvault Commcell — versions 11.32.0, 11.36.0

Weakness classification (CWE)

CWE-88 — Argument Injection

Public proof-of-concept exploits

rapid7/metasploit-framework
ARPSyndicate/cve-scores

References

documentation.commvault.com/securityadvisories/CV_2025_08_1.html

Frequently asked questions

What is CVE-2025-57791?: CVE-2025-57791 is a vulnerability in Commvault Commcell, classified under Argument Injection. Published 2025-08-20.
Is CVE-2025-57791 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.