Materialise OrthoView OS Command Injection Vulnerability

Vulnerability

A command injection vulnerability has been identified in Materialise OrthoView versions through 7.5.1. This issue arises when servlet sharing is enabled, allowing unauthenticated users to execute arbitrary commands on the OrthoView server.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution on the OrthoView server.

Remediation

Users with OrthoView installations that have servlet sharing enabled should contact OrthoView support at orthoviewsupport@materialise.co.uk for guidance on mitigating this vulnerability.

Added: Jun 23, 2025, 12:19 PM
Updated: Jun 23, 2025, 12:19 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 6.2
remediation: 0.0
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.