Home

Description

A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active Directory Domain Controller’s wins hook, allowing an unauthenticated network attacker to achieve remote command execution as the Samba process.

PUBLISHED Reserved 2025-09-10 | Published 2025-11-07 | Updated 2025-11-08 | Assigner redhat




CRITICAL: 10.0CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Problem types

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Product status

Default status
unaffected

Any version before 4.21.9
affected

4.22.0 (semver) before 4.21.5
affected

4.23.0 (semver) before 4.23.2
affected

Default status
unaffected

Default status
unaffected

Default status
unaffected

Default status
unaffected

Default status
unaffected

Default status
unaffected

Default status
unaffected

Timeline

2025-09-10:Reported to Red Hat.
2025-10-15:Made public.

References

access.redhat.com/security/cve/CVE-2025-10230 vdb-entry

bugzilla.redhat.com/show_bug.cgi?id=2394377 (RHBZ#2394377) issue-tracking

www.samba.org/samba/history/security.html

cve.org (CVE-2025-10230)

nvd.nist.gov (CVE-2025-10230)

Download JSON