CNNVD-202512-2030 Information

CNNVD ID

CNNVD-202512-2030

Related CVE

CVE-2025-67511

• CNNVD Published: 2025-12-11

Description (Chinese)

Cybersecurity AI是Alias Robotics开源的一个网络安全AI安全框架。 Cybersecurity AI 0.5.9及之前版本存在命令注入漏洞，该漏洞源于run_ssh_command_with_credentials函数存在命令注入，可能导致执行任意命令。

Description (English)

Cybersecurity AI is an AI security framework for online security that is open to Alias Robotics. There is a command-injecting loophole in Cybersecurity AI 0.5.9 and earlier versions, which stems from the existence of an order-injection in the Run ssh committee with credentials function, which may result in the execution of an arbitrary command.

Hazard Level

Low

Vulnerability Type

命令注入

Affected Vendor

Alias Robotics

Published

2025-12-11

Last Modified

2026-02-24

References

https://github.com/aliasrobotics/cai/commit/09ccb6e0baccf56c40e6cb429c698750843a999c https://github.com/aliasrobotics/cai/security/advisories/GHSA-4c65-9gqf-4w8h