Angeet ES3 KVM Command Injection Vulnerability via Improper Input Sanitization

Vulnerability

A vulnerability exists in the Angeet ES3 KVM due to inadequate sanitization of user-supplied variables in the 'cfg.lua' script. This flaw allows authenticated attackers to execute operating system-level commands.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of OS-level commands, potentially allowing an attacker to manipulate the system or its processes.

Added: Mar 17, 2026, 6:19 PM

Updated: Mar 17, 2026, 6:19 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.5

remediation

0.0

relevance

4.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.5

remediation

0.0

relevance

4.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Angeet ES3 KVM Command Injection Vulnerability via Improper Input Sanitization

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating