Vulnerability Report

CVE-2025-69600

RCE

Title: Command Injection and Arbitrary Code Execution in Raynet rvia

RCE

Proof Of Concept

PoC Available for CVE-2025-69600

CWE Category NVD-CWE-noinfo

Published Date May 27, 2026

Modified Date Jun 01, 2026

Exploit Status Available

Score 7.8 CVSS v

Exploit Probability (EPSS)

0.83%

Vulnerability Summary

CVE-2025-69600: Command injection in Raynet rvia RayVentory Scan Engine 12.6 Update 8 and previous versions allows adversaries to execute commands via getconfig, upload, inventory, and oracle options.

Impacted Vendors

Analysis in Progress...

Reference Links

https://github.com/Wise-Security/CVE-2025-69600 https://support.raynet.de/hc/en-us/articles/19518792826132-RVY200865-RayVentory-12-6

CVSS v3.1

Source Entity 134c704f-9b21-4f2e-91b3-4a467353bcc0

Severity HIGH

7.8

Attack Vector

LOCAL

Complexity

LOW

Privileges

N/A

Interaction

NONE

Confidentiality

N/A

Integrity

N/A

Availability

N/A

Scope

UNCHANGED

RAW VECTOR CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2025-69600 Exploits & PoCs (Proof Of Concept)

GitHub https://github.com/Wise-Security/CVE-2025-69600

View Code

June 01, 2026 MODIFIED

Vulnerability data updated via NVD.

June 01, 2026 MODIFIED

Vulnerability data updated via NVD.

May 28, 2026 MODIFIED

Vulnerability data updated via NVD.

May 27, 2026 MODIFIED

Vulnerability data updated via NVD.

Attack Vector Matrix

Access Vector LOCAL

Complexity LOW

Privileges N/A

Interaction NONE

CVSS Vector String


                                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Stack

No specific products linked.