CVE-2025-47228

MEDIUM

Netmake ScriptCase through 9.12.006 (23) - Command Injection (Production Environment extension, SSH connection settings)

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2025-47228. PoCs published by Alexandre ZANNI and synacktiv.

AI-analyzed exploit summary: the public exploits target ScriptCase 9.12.006 (23) and chain this vulnerability with the authentication bypass CVE-2025-47227. They reset an account password by solving the password-reset CAPTCHA with OCR, log in with the new credentials, and then inject shell commands through the Production Environment module's SSH connection settings. On its own, CVE-2025-47228 requires an authenticated session (CVSS PR:H); the unauthenticated remote command execution comes from the chain.

Description

In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), shell injection in the SSH connection settings allows authenticated attackers to execute system commands via crafted HTTP requests.
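The description names the bug class (CWE-78 reached through the SSH connection settings) but not the code. The following is an added example, not ScriptCase's code and not taken from either public PoC: it models in Python the pattern behind the flaw (settings fields interpolated into one shell string) next to a hardened builder that allowlists host, user and port and executes without a shell, plus a detection-side check for request logs. The field names, the command template and the sample settings are constructed assumptions.

```python
import ipaddress
import re
import subprocess
from typing import Dict, List

# Constructed sample inputs for illustration; not taken from the advisory or the public PoCs.
BENIGN_SETTINGS = {"host": "deploy.example.internal", "user": "scriptcase", "port": "22"}
CRAFTED_SETTINGS = {"host": "deploy.example.internal; id > /tmp/out #", "user": "scriptcase", "port": "22"}


def vulnerable_ssh_command(settings: Dict[str, str]) -> str:
    """The CWE-78 pattern: untrusted settings are interpolated into one shell
    string that is later handed to a shell, so any metacharacter in a field
    becomes shell syntax. (Hypothetical template; ScriptCase's real field
    names and command are not published on this page.)"""
    return "ssh -p {port} {user}@{host} true".format(**settings)


# Allowlists: a POSIX-style user name, and a DNS hostname or IP literal.
_USER_RE = re.compile(r"^[a-z_][a-z0-9_-]{0,31}$")
_LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
_HOST_RE = re.compile(rf"^{_LABEL}(?:\.{_LABEL})*$", re.IGNORECASE)


def _valid_host(host: str) -> bool:
    try:
        ipaddress.ip_address(host)  # accepts IPv4/IPv6 literals only
        return True
    except ValueError:
        return len(host) <= 253 and _HOST_RE.fullmatch(host) is not None


def safe_ssh_argv(settings: Dict[str, str]) -> List[str]:
    """Hardened form: validate every field against an allowlist, then build an
    argv list to run without a shell. Raises ValueError on anything else.
    Neither regex admits a leading '-', so a field cannot become an ssh option."""
    host = settings.get("host", "")
    user = settings.get("user", "")
    port = settings.get("port", "22")
    if not _valid_host(host):
        raise ValueError(f"invalid host: {host!r}")
    if _USER_RE.fullmatch(user) is None:
        raise ValueError(f"invalid user: {user!r}")
    if not port.isdigit() or not 1 <= int(port) <= 65535:
        raise ValueError(f"invalid port: {port!r}")
    return ["ssh", "-p", port, f"{user}@{host}", "true"]


def is_rejected(settings: Dict[str, str]) -> bool:
    """True when the hardened builder refuses the settings."""
    try:
        safe_ssh_argv(settings)
        return False
    except ValueError:
        return True


def check_ssh_connection(settings: Dict[str, str]) -> subprocess.CompletedProcess:
    """Run the validated command with shell=False so argv is passed verbatim."""
    return subprocess.run(safe_ssh_argv(settings), shell=False,
                          capture_output=True, text=True, timeout=30)


SHELL_META = set(";|&$`<>()\n\r\"'\\")


def looks_injected(value: str) -> bool:
    """Detection-side check for request logs or a WAF rule: flag any SSH-settings
    field carrying shell metacharacters. Valid hosts and users never need them."""
    return any(ch in SHELL_META for ch in value)
```

With the crafted host, `vulnerable_ssh_command` yields `ssh -p 22 scriptcase@deploy.example.internal; id > /tmp/out # true`, and a shell runs `id` after `ssh` fails. `safe_ssh_argv` refuses the same input, and because the hardened path never goes through a shell, even a field that slipped past validation would reach `ssh` as a single argument rather than as shell syntax.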

Exploits (2)

exploitdb WORKING POC
by Alexandre ZANNI · python · remote · multiple
https://www.exploit-db.com/exploits/52353

This exploit targets ScriptCase 9.12.006 (23). It first obtains an authenticated session by abusing the password-reset flow (the CAPTCHA is solved with OCR and the account password is reset), then reaches remote command execution through the command injection in the SSH connection settings.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: ScriptCase 9.12.006 (23)
No auth needed (the exploit obtains credentials itself through the password-reset bypass; the injection step is post-authentication)
Prerequisites: Access to the target web application · Python environment with required libraries (requests, Pillow, pytesseract, beautifulsoup4; pytesseract also needs the Tesseract OCR binary installed)
devstral-2 · analyzed Feb 16, 2026
github WORKING POC 9 stars
by synacktiv · python · poc
https://github.com/synacktiv/CVE-2025-47227_CVE-2025-47228

This repository contains a functional exploit script that chains two vulnerabilities in ScriptCase: an authentication bypass (CVE-2025-47227) and an authenticated remote command execution (CVE-2025-47228). The exploit automates password reset via CAPTCHA OCR and executes arbitrary commands via SSH command injection.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: ScriptCase (Production Environment module 1.0.003-build-2, included in ScriptCase 9.12.006)
No auth needed (authentication is bypassed via the chained CVE-2025-47227; the command injection itself is post-authentication)
Prerequisites: Network access to the target ScriptCase instance · CAPTCHA OCR dependencies (Tesseract, Pillow)
devstral-2 · analyzed Feb 19, 2026

Scores

CVSS v3 6.7
EPSS 0.1444
EPSS Percentile 96.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-78 (Improper Neutralization of Special Elements used in an OS Command, i.e. OS Command Injection)
Status published
Products (1)
ScriptCase/ScriptCase <= 9.12.006 (23) (affected through 9.12.006 (23), per the description)
Published Jul 05, 2025
Tracked Since Feb 18, 2026