CVE-2025-34186 – Ilevia EVE X1/X5 Server 4.7.18.0.eden Authentication Bypass

CVE ID : CVE-2025-34186

Published : Sept. 16, 2025, 8:15 p.m. | 42 minutes ago

Description : Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a vulnerability in its authentication mechanism. Unsanitized input is passed to a system() call for authentication, allowing attackers to inject special characters and manipulate command parsing. Due to the binary’s interpretation of non-zero exit codes as successful authentication, remote attackers can bypass authentication and gain full access to the system.

Severity: 9.3 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…