Rafael José Núñez Gulías

4 exploits Active since May 2026
CVE-2025-69599 GITHUB CRITICAL WRITEUP
RayVentory Scan Engine through 12.6 Update 8 - Privilege Escalation
RayVentory Scan Engine through 12.6 Update 8 allows attackers to gain privileges if they control the value of the PATH environment variable. NOTE: this is disputed because ability of an attacker to control the environment is a site-specific misconfiguration.
CVSS 9.8
CVE-2025-69600 WRITEUP HIGH WORKING POC
Raynet rvia 12.6.4392.49 - Command Injection via Find Command Argument Injection
Command injection in Raynet rvia RayVentory Scan Engine 12.6 Update 8 and previous versions allows adversaries to execute commands via getconfig, upload, inventory, and oracle options.
CVSS 7.8
CVE-2026-38945 WRITEUP HIGH WORKING POC
Raynet rvia 12.6.4392.49-amd64.deb - OS Command Injection via Java Search Path
Command injection in Raynet rvia version 12.6 Update 8 and previous versions allows adversaries to execute arbitrary code via a crafted path that matches the improperly terminated search criteria of rvia's Java search using the find command.
CVSS 7.8
CVE-2025-69599 WRITEUP CRITICAL WRITEUP
RayVentory Scan Engine through 12.6 Update 8 - Privilege Escalation
RayVentory Scan Engine through 12.6 Update 8 allows attackers to gain privileges if they control the value of the PATH environment variable. NOTE: this is disputed because ability of an attacker to control the environment is a site-specific misconfiguration.
CVSS 9.8