CVE Catalog

CVE-2025-53867

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.62%

45th percentile - higher than 45% of all known CVEs

Summary

A vulnerability in Island Lake WebBatch before version 2025C allows remote code execution via a crafted URL. An attacker can send a specially crafted HTTP request, leading to arbitrary code execution on the server.

Risk Assessment

The risk for the organization includes full compromise of the WebBatch server, potentially leading to data theft, malware installation, or service disruption.

Recommendation

Immediately upgrade WebBatch to version 2025C or later. Restrict access to the WebBatch interface to trusted networks and implement URL filtering.

Original NVD description (English source)

Island Lake WebBatch before 2025C allows Remote Code Execution via a crafted URL.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS