CVE-2025-67397 | THREATINT

Description

An issue in Passy v.1.6.3 allows a remote authenticated attacker to execute arbitrary commands via a crafted HTTP request using a specific payload injection.

PUBLISHED Reserved 2025-12-08 | Published 2026-01-05 | Updated 2026-01-06 | Assigner mitre

References

www.passy.it/

github.com/...ulnerability-Research/tree/main/CVE-2025-67397

cve.org (CVE-2025-67397)

nvd.nist.gov (CVE-2025-67397)

Download JSON