VDB
GCVE-110-NCSC-2025-319
GCVE-110-NCSC-2025-319
Advisory PublishedCVSS 7.5/10
A highly-privileged attacker using passwords with special shell metacharacters can execute arbitrary system commands, causing the rSeries FIPS hardware security module to fail initialization and potentially cross security boundaries.
Weaknesses (CWE)
CWE-1284Improper Validation of Specified Quantity in InputCWE-674Uncontrolled RecursionCWE-476NULL Pointer DereferenceCWE-705Incorrect Control Flow ScopingCWE-401Missing Release of Memory after Effective LifetimeCWE-457Use of Uninitialized VariableCWE-770Allocation of Resources Without Limits or ThrottlingCWE-125Out-of-bounds ReadCWE-120Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')CWE-415Double FreeCWE-252Unchecked Return ValueCWE-250Execution with Unnecessary PrivilegesCWE-404Improper Resource Shutdown or ReleaseCWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')CWE-667Improper LockingCWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')CWE-95Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')CWE-416Use After FreeCWE-459Incomplete CleanupCWE-672Operation on a Resource after Expiration or ReleaseCWE-787Out-of-bounds WriteCWE-824Access of Uninitialized PointerCWE-73External Control of File Name or PathCWE-425Direct Request ('Forced Browsing')CWE-146Improper Neutralization of Expression/Command DelimitersCWE-214Invocation of Process Using Visible Sensitive InformationCWE-340Generation of Predictable Numbers or IdentifiersCWE-703Improper Check or Handling of Exceptional Conditions
Risk Scores
CVSS 3.1
7.5/10
High · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| F5 | vers:unknown/* | — | — |
Aliases
CVE-2025-41430CVE-2025-46706CVE-2025-47148CVE-2025-47150CVE-2025-48008CVE-2025-53474CVE-2025-53521CVE-2025-53856CVE-2025-53860CVE-2025-53868CVE-2025-54479CVE-2025-54755CVE-2025-54805CVE-2025-54854CVE-2025-54858CVE-2025-55036CVE-2025-55669CVE-2025-55670CVE-2025-57780CVE-2025-58071CVE-2025-58120CVE-2025-58153CVE-2025-58424CVE-2025-58474CVE-2025-59268CVE-2025-59269CVE-2025-59478CVE-2025-59481CVE-2025-59483CVE-2025-59778CVE-2025-59781CVE-2025-60013CVE-2025-60015CVE-2025-60016CVE-2025-61933CVE-2025-61935CVE-2025-61938CVE-2025-61951CVE-2025-61955CVE-2025-61958CVE-2025-61960CVE-2025-61974CVE-2025-61990
References
Browse GCVE Records
73,040 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.