CVE-2025-51958

← CVEs

CRIT 9.8

Published

2026-01-30

Last Modified

2026-02-13

Affected Apps

Affected Devices

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

aelsantex runcommand 2014-04-01, a plugin for DokuWiki, allows unauthenticated attackers to execute arbitrary system commands via lib/plugins/runcommand/postaction.php.

Affected Applications in Environment 7

runc v4:1.2.9-2.module+el8.10.0+40047+0c0a73f4

1 device

runc v4:1.2.4-2.el9

1 device

runc v1:1.1.12-6.module+el8.10.0+90509+b5e1e789

1 device

runc v1.1.5+ds1-1+deb12u1

1 device

runc v4:1.2.5-2.module+el8.10.0+90704+e5ea1250

1 device

runc v1.0.0~rc93+ds1-5+deb11u5

1 device

runc v1.1.15+ds1-2+b4

2 devices

Affected Devices 8

acmedns Linux bloodhound Linux dpapsb-191594.mypc.usu.edu Linux eprocdev.banner.usu.edu Linux gravekeeper Linux oms.db.usu.edu Linux paymentworksdev.banner.usu.edu Linux soc Linux

References 3

https://gist.github.com/NtustLin/f64528002e4f61874045799127dc49a4
https://github.com/aelsantex/runcommand
https://www.dokuwiki.org/plugin:runcommand