CVE-2025-5030 – Ackites KillWxapkg os Command Injection Vulnerability

May 21, 2025

CVE ID : CVE-2025-5030

Published : May 21, 2025, 5:15 p.m. | 3 hours, 26 minutes ago

Description : A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been declared as critical. This vulnerability affects the function processFile of the file internal/unpack/unpack.go of the component wxapkg File Parser. The manipulation leads to os command injection. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

Severity: 5.0 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5031 – Ackites KillWxapkg wxapkg File Decompression Handler Resource Consumption Vulnerability

Next Article CVE-2025-20152 – Cisco ISE RADIUS Message Processing Denial of Service Vulnerability

10 Top Node.js Development Companies for Enterprise-Scale Projects (2025-2026 Ranked & Reviewed)

12 Must-Know Cost Factors When Hiring Node.js Developers for Your Enterprise

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

A UN Human Rights Council report lists Microsoft among big tech companies that “profit” from Gaza genocide

The best Costco deals to compete with Prime Day: TVs, laptops, Apple products, and more

This 9-in-1 off-grid portable power station has a 17-year lifespan – and it’s over 50% off

DistroWatch Weekly, Issue 1129

Token System using PHP and MySQL

Token System using PHP and MySQL

Create React UI component with uncontrollable

Flaget – new small 5kB CLI argument parser

A UN Human Rights Council report lists Microsoft among big tech companies that “profit” from Gaza genocide

A UN Human Rights Council report lists Microsoft among big tech companies that “profit” from Gaza genocide

Microsoft Forms Was Down for Some Users; But Now Fixed

DistroWatch Weekly, Issue 1129

CVE-2025-5030 – Ackites KillWxapkg os Command Injection Vulnerability

Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC

CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet

CVE-2025-46672 – NASA CryptoLib Crypto Function Status Validation Bypass

AI’s biggest surprises of 2024 | Unlocked 403 cybersecurity podcast (S2E1)

CVE-2025-4908 – PHPGurukul Daily Expense Tracker System SQL Injection Vulnerability

How to Audit Android Accessibility with the Accessibility Scanner App

CVE-2025-48488 – FreeScout Cross-Site Scripting (XSS) Vulnerability

Perficient is Headed to Salesforce Connections 2025: Here’s What You Need to Know

CVE-2025-46232 – Alt Text AI Missing Authorization

Meta, Facebook, and Instagram AI is coming for EU data — Here’s what you need to know (and how to opt out)

CVE-2025-5030 – Ackites KillWxapkg os Command Injection Vulnerability

Related Posts