CVE-2025-60738 | THREATINT

Description

An issue in Ilevia EVE X1 Server Firmware Version v4.7.18.0.eden and before Logic Version v6.00 - 2025_07_21 and before allows a remote attacker to execute arbitrary code via the ping.php component does not perform secure filtering on IP parameters

PUBLISHED Reserved 2025-09-26 | Published 2025-11-20 | Updated 2025-11-21 | Assigner mitre

References

github.com/iSee857/ilevia-EVE-X1-Server

cve.org (CVE-2025-60738)

nvd.nist.gov (CVE-2025-60738)

Download JSON