216.73.217.98

CVE-2025-15545

· Published 29/01/2026 18:16 · Modified 29/01/2026 18:54

Labels: CVE-2025-15545 2026-01-29CVE-2025-15545CWE-20f23511db-6c3e-4e32-a477-6aa17d310630

Essential information

Published
29/01/2026 18:16
Modified
29/01/2026 18:54
Author
Creator
CVSS
7.3 HIGH (v3) 7.3 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

The backup restore function does not properly validate unexpected or unrecognized tags within the backup file. When such a crafted file is restored, the injected tag is interpreted by a shell, allowing execution of arbitrary commands with root privileges. Successful exploitation allows the attacker to gain root-level command execution, compromising confidentiality, integrity and availability.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
f23511db-6c3e-4e32-a477-6aa17d310630
NVD
View on NVD

Affected products (CPE)

ProductCPE
* / backup restore cpe:2.3:a:*:backup_restore:*:*:*:*:*:*:*:*

References