An issue in MHSanaei 3x-ui before v.2.5.3 and before allows a remote attacker to execute arbitrary code via the management script x-ui passes the no check certificate option to wget when downloading updates
References
Configurations
No configuration.
History
26 Jun 2025, 16:15
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
CWE | CWE-295 |
26 Jun 2025, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-06-26 15:15
Updated : 2025-06-26 18:57
NVD link : CVE-2025-29331
Mitre link : CVE-2025-29331
CVE.ORG link : CVE-2025-29331
JSON object : View
Products Affected
No product.
CWE
CWE-295
Improper Certificate Validation