CVE-2025-10622

HIGH LAB

Red Hat Satellite - Command Injection

Title source: llm

Description

A flaw was found in Red Hat Satellite (Foreman component). This vulnerability allows an authenticated user with edit_settings permissions to achieve arbitrary command execution on the underlying operating system via insufficient server-side validation of command whitelisting.

Exploits (1)

github WORKING POC

by exploitintel · pythonpoc

https://github.com/exploitintel/eip-pocs-and-cves/tree/main/CVE-2025-10622

View Code ZIP pw:eip

References (7)

[Various Sources] https://theforeman.org/security.html#2025-10622

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2025:19721

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2025:19832

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2025:19855

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2025:19856

[Vendor Advisory] https://access.redhat.com/security/cve/CVE-2025-10622

[Issue Tracking] https://bugzilla.redhat.com/show_bug.cgi?id=2396020

Scores

CVSS v3 8.0

EPSS 0.0015

EPSS Percentile 34.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Lab Environment

Lab screenshot

vulnerable

docker pull ghcr.io/exploitintel/cve-2025-10622-vulnerable:latest

All Labs GitHub

Classification

CWE

CWE-78

Status draft

Timeline

Published Nov 05, 2025

Tracked Since Feb 18, 2026