CVE-2025-47286

Published
View on NVD ↗
CVSS v3
7.2
HIGH
CVSS v2
N/A
Affected
1
PROJECT

Description

Combodo iTop is a web based IT service management tool. In versions prior to 2.7.13 and 3.2.2, an administrator can, by editing the configuration of the iTop instance, execute code on the server. Versions 2.7.13 and 3.2.2 escape and check the config parameter before executing a command based on it.

Combodo/iTop
Combodo/iTop
A simple, web based CMDB & IT Service Management tool
GitHubGitHub
1.13K