Primary

Context

Netwrix Password Secure Command Injection Vulnerability

Vulnerability

Patched

A command injection vulnerability has been identified in Netwrix Password Secure version 9.2. This vulnerability allows authenticated users to execute arbitrary commands on the server where the application is running.

Impact

Exploitation of this vulnerability could lead to unauthorized command execution on the server.

Remediation

Users are advised to update Netwrix Password Secure to version 9.2.2. Instructions for updating can be found in the Netwrix Password Secure Update article on the Netwrix Help Center.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

10.0

exploitability

4.5

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

10.0

exploitability

4.5

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Netwrix Password Secure Command Injection Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Netwrix Password Secure

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating