CNNVD-202509-3200 Information
CNNVD ID
CNNVD-202509-3200
Related CVE
- CNNVD Published: 2025-09-21
Description (Chinese)
CosmodiumCS OnlyRAT是CosmodiumCS个人开发者的一个远程访问木马,主要用于展示和研究远程控制恶意软件的工作方式。 CosmodiumCS OnlyRAT 3.2及之前版本存在安全漏洞,该漏洞源于对文件main.py中参数configuration[PASSWORD]的错误操作,可能导致os命令注入。
Description (English)
CosmodiumCS OnlyRT is a remote access horse for CosmodiumCS personal developers, which is used mainly to demonstrate and study the working methods of remote control of malicious software. CosmodiumCS OnlyRT 3.2 and earlier versions have a security loophole, which stems from an error in the use of the parametric configuration [PASSWORD] in the document Main.py, which may lead to an Os command injection.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-09-21
Last Modified
2026-02-24
References
https://vuldb.com/?id.325123 https://vuldb.com/?ctiid.325123 https://docs.google.com/document/d/1oq9YO831FbEDBI2BqNiW-7YA_kMzHJmMgy82F8f-L9g/edit?tab=t.0 https://docs.google.com/document/d/1oq9YO831FbEDBI2BqNiW-7YA_kMzHJmMgy82F8f-L9g/edit?usp=sharing https://vuldb.com/?submit.648118 https://access.redhat.com/security/cve/cve-2025-10767
Patch
https://github.com/CosmodiumCS/MK01-OnlyRAT
Share on: