CVE-2025-34187 – Ilevia EVE X1/X5 Server 4.7.18.0.eden Reverse Rootshell

CVE ID : CVE-2025-34187

Published : Sept. 16, 2025, 8:15 p.m. | 42 minutes ago

Description : Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a misconfiguration in the sudoers file that allows passwordless execution of certain Bash scripts. If these scripts are writable by web-facing users or accessible via command injection, attackers can replace them with malicious payloads. Execution with sudo grants full root access, resulting in remote privilege escalation and potential system compromise.

Severity: 9.3 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…