How severe is CVE-2025-41717?

CVE-2025-41717 has a CVSS v3 score of 8.8 (HIGH).

CVE-2025-41717

8.8HIGH

An unauthenticated remote attacker can trick a high privileged user into uploading a malicious payload via the config-upload endpoint, leading to code injection as root. This results in a total loss o

Published: 1/13/2026Updated: 1/13/2026

Description

An unauthenticated remote attacker can trick a high privileged user into uploading a malicious payload via the config-upload endpoint, leading to code injection as root. This results in a total loss of confidentiality, availability and integrity due to improper control of code generation ('Code Injection’).

AI AnalysisPowered by AI

References

https://certvde.com/de/advisories/VDE-2025-073