How severe is CVE-2025-41225?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2025-41225?

This is classified as CWE-78, which is a common weakness in software security.

CVE-2025-41225

HIGH Year: 2025

CVSS v3 Score

8.8

High

Weakness Type

CWE-78

View all →

Vulnerability Description

The vCenter Server contains an authenticated command-execution vulnerability. A malicious actor with privileges to create or modify alarms and run script action may exploit this issue to run arbitrary commands on the vCenter Server.

CVE-2011-3178

HIGH

CVSS:8.8(High)

In the web ui of the openbuildservice before 2.3.0 a code injection of the project rebuildtimes statistics could be used by authorized attackers to execute shellcode.

CWE-782011

CVE-2012-4981

HIGH

CVSS:8.8(High)

Toshiba ConfigFree 8.0.38 has a CF7 File Remote Command Execution Vulnerability

CWE-782012

CVE-2012-5693

HIGH

CVSS:8.8(High)

Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddressTB parameter to (1) remoteAttack.pl or (2) ...

CWE-782012

CVE-2012-6610

HIGH

CVSS:8.8(High)

Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote authenticated users to execute arbitrary commands as demonstrated by a ; (semicolon) to the ping command feature.

CWE-782012

CVE-2013-1598

HIGH

CVSS:8.8(High)

A Command Injection vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via the system.ntp parameter to the farseer.out binary file, which cold let a malicious user execute arbitrary cod...

CWE-782013

CVE-2013-2024

HIGH

CVSS:8.8(High)

OS command injection vulnerability in the "qs" procedure from the "utils" module in Chicken before 4.9.0.

CWE-782013

CVE-2025-41225

Vulnerability Description

Related Vulnerabilities

CVE-2011-3178

CVE-2012-4981

CVE-2012-5693

CVE-2012-6610

CVE-2013-1598

CVE-2013-2024