CVE-2025-10767 LOW

CVE-2025-10767: CosmodiumCS OnlyRAT Configuration File main.py remote_download os command injection

Vendor Cosmodiumcs

Product OnlyRAT

Weakness CWE-78

Published September 21, 2025

Last update September 22, 2025

View on NVD All CVEs

CVSS base score

2.0/10

Attack vector Local

Attack complexity High

Privileges required Low

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

What the vulnerability does

01Description

A vulnerability was detected in CosmodiumCS OnlyRAT up to 3.2. The affected element is the function connect/remote_upload/remote_download of the file main.py of the component Configuration File Handler. The manipulation of the argument configuration["PASSWORD"] results in os command injection. The attack requires a local approach. Attacks of this nature are highly complex. The exploitability is described as difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Key dates

02Disclosure timeline

September 21, 2025 CVE published

September 22, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-10767

Related vulnerabilities

Identifiers

CVE CVE-2025-10767

CWE CWE-78

CVSS 2.0 / LOW

Affected versions

Vendor Cosmodiumcs

Product OnlyRAT

Affected 3.0

Vendor Cosmodiumcs

Product OnlyRAT

Affected 3.1

Vendor Cosmodiumcs

Product OnlyRAT

Affected 3.2

CVE-2025-10767: CosmodiumCS OnlyRAT Configuration File main.py remote_download os command injection

01Description

02Disclosure timeline

03References

04Related CVE