Description
Vulnerabilities* in ActADUR local server product, developed and maintained by ProTNS, allows Remote Code Inclusion on host systems. * vulnerabilities: * Improper Neutralization of Special Elements used in a Command ('Command Injection') * Use of Hard-coded Credentials * Improper Authentication * Binding to an Unrestricted IP Address The vulnerability has been rated as critical.This issue affects ActADUR: from v2.0.1.9 before v2.0.2.0., hence updating to version v2.0.2.0. or above is required.
References (1)
Scores
CVSS v3
9.6
EPSS
0.0014
EPSS Percentile
33.2%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-1327
CWE-287
CWE-77
CWE-798
Status
published
Products (1)
ProTNS/ActADUR
v2.0.1.9 - v2.0.2.0
Published
Jul 15, 2025
Tracked Since
Feb 18, 2026