CVE-2025-34300 Information

Jul 17, 2025 cve

Description

A template injection vulnerability exists in Sawtooth Software’s Lighthouse Studio versions prior to 9.16.14 via the ciwweb.pl http://ciwweb.pl/ Perl web application. Exploitation allows an unauthenticated attacker can execute arbitrary commands.

Reference

https://sawtoothsoftware.com/resources/software-downloads/lighthouse-studio https://slcyber.io/assetnote-security-research-center/rce-in-the-most-popular-survey-software-youve-never-heard-of/ https://slcyber.io/assetnote-security-research-center/rce-in-the-most-popular-survey-software-youve-never-heard-of/

CNNVD-202507-2227 (Published: 2025-07-16)

Share on:

CVE-2025-34300 Information

Description

Reference

Related CNNVD