- Description
- A vulnerability, which was classified as critical, has been found in exelban stats up to 2.11.21. This issue affects the function shouldAcceptNewConnection of the component XPC Service. The manipulation leads to command injection. It is possible to launch the attack on the local host. Upgrading to version 2.11.22 is able to address this issue. It is recommended to upgrade the affected component.
- Source
- cna@vuldb.com
- NVD status
- Received
CVSS 4.0
- Type
- Secondary
- Base score
- 8.5
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Secondary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Secondary
- Base score
- 6.8
- Impact score
- 10
- Exploitability score
- 3.1
- Vector string
- AV:L/AC:L/Au:S/C:C/I:C/A:C
- cna@vuldb.com
- CWE-74
- Hype score
- Not currently trending
CVE-2025-0396 (CVSS:7.8, HIGH) is Awaiting Analysis. A vulnerability, which was classified as critical, has been found in exelban stats up to 2.11.21. This issue affects the..https://t.co/7CLiPatLoH #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
16 Jan 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 #Breakingnews: "CVE-2025-0396" A new CVE detected - with severity "HIGH". More:https://t.co/xhfyjimItM. 📢 Follow us for more updates! #CVE #ThreatAlert #InfoSec #CriticalVulnerability
@bluepinksec
13 Jan 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-0396: HIGH] Critical vulnerability found in exelban stats up to 2.11.21. Exploiting "shouldAcceptNewConnection" in XPC Service allows command injection locally. Update to 2.11.22 to fix this issue.#cybersecurity,#vulnerability https://t.co/5AB7KVrXbk https://t.co/ikI27n
@CveFindCom
12 Jan 2025
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0396 A vulnerability, which was classified as critical, has been found in exelban stats up to 2.11.21. This issue affects the function shouldAcceptNewConnection of the compo… https://t.co/m1onfocvAD
@CVEnew
12 Jan 2025
798 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes