Home
Description
Command injection in Raynet rvia version 12.6 Update 8 and previous versions allows adversaries to execute arbitrary code via a crafted path that matches the improperly terminated search criteria of rvia's Java search using the find command.
References
github.com/...ity/CVE-2026-38945/blob/main/CVE-2026-38945.sh
github.com/Wise-Security/CVE-2026-38945