CVE-2025-28384 | THREATINT

Description

An issue in the /script-api/scripts/ endpoint of OpenC3 COSMOS before 6.1.0 allows attackers to execute a directory traversal.

PUBLISHED Reserved 2025-03-11 | Published 2025-06-13 | Updated 2025-10-27 | Assigner mitre

References

visionspace.com/...ment-of-an-open-source-mission-framework/

github.com/OpenC3/cosmos/releases/tag/v6.1.0

github.com/OpenC3/cosmos/pull/1828

github.com/...mmits/fc7e11310a7cdf9f1939886e1b29009db4d4b718

cve.org (CVE-2025-28384)

nvd.nist.gov (CVE-2025-28384)

Download JSON

help @ threatint.eu