CVE

CVE-2025-68271

Unauthenticated Remote Code Execution in openc3-api

CVE

CVE-2025-68271

Unauthenticated Remote Code Execution in openc3-api

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. From 5.0.0 to 6.10.1, OpenC3 COSMOS contains a critical remote code execution vulnerability reachable through the JSON-RPC API. When a JSON-RPC request uses the string form of certain APIs, attacker-controlled parameter text is parsed into values using String#converttovalue. For array-like inputs, converttovalue executes eval(). Because the cmd code path parses the command string before calling authorize(), an unauthenticated attacker can trigger Ruby code execution even though the request ultimately fails authorization (401). This vulnerability is fixed in 6.10.2.

Package Versions Affected

No items found.

Automatically patch vulnerabilities without upgrading

Fix Without Upgrading

Detect compatible fix

Apply safe remediation

Fix with a single pull request

CVSS Version

3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Related Resources

No items found.

References

https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68271.json, https://github.com/OpenC3/cosmos/security/advisories/GHSA-w757-4qv9-mghp, https://nvd.nist.gov/vuln/detail/CVE-2025-68271

Severity

10

CVSS Score

Basic Information

Ecosystem

Base CVSS

EPSS Probability

EPSS Percentile

Introduced Version

8564ea619f339311a3b70b31ce7a780682de8ccb

Fix Available

180d4b639c11cf070671f0a49ba1cfaf87eb87f1

Fix Critical Vulnerabilities Instantly

Secure your app without upgrading.

Fix Without Upgrading

Get a Demo

Let's Patch It!

CVE-2025-68271

CVE-2025-68271

Package Versions Affected

Automatically patch vulnerabilities without upgrading

CVSS Version

Related Resources

References

Severity

10

Basic Information

Fix Critical Vulnerabilities Instantly