- Description
- An improper access control issue in the VQL shell feature in Velociraptor Versions < 0.73.4 allowed authenticated users to execute the execve() plugin in deployments where this was explicitly forbidden by configuring the prevent_execve flag in the configuration file. This setting is not usually recommended and is uncommonly used, so this issue will only affect users who do set it. This issue is fixed in release 0.73.4.
- Source
- cve@rapid7.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 3.8
- Impact score
- 2.5
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
- Severity
- LOW
- cve@rapid7.com
- CWE-281
- Hype score
- Not currently trending
🚨 CVE-2025-0914 🟢 LOW (3.8) 🏢 Rapid7 - Velociraptor 🏗️ 0 🔗 https://t.co/y41SR8uDFy #CyberCron #VulnAlert https://t.co/BrTKDNac05
@cybercronai
2 Mar 2025
76 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
1 Quote
New post from https://t.co/uXvPWJy6tj (CVE-2025-0914 | Rapid7 Velociraptor up to 0.73.3 VQL Shell execve permissions) has been published on https://t.co/OrulIJCT1j
@WolfgangSesin
28 Feb 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0914 An improper access control issue in the VQL shell feature in Velociraptor Versions < 0.73.4 allowed authenticated users to execute the execve() plugin in deployments wh… https://t.co/epBHcMBUKL
@CVEnew
27 Feb 2025
62 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes