CVE-2025-52626
HCL AION is susceptible to Potential Command Injection vulnerability
In short
HCL AION 2.0 has a flaw that allows attackers to inject and execute unauthorized commands on the system. This could let them perform harmful actions beyond what they should be allowed to do.
Technical detail
CWE-78 command injection vulnerability in HCL AION 2.0 permits an attacker to inject malicious commands through application input, leading to unintended command execution with the privileges of the running process. Exploitation requires application interaction but can result in unauthorized system-level actions and potential compromise of the underlying infrastructure.
Summary generated and translated by AI from the official description.
A Potential Command Injection vulnerability in HCL AION.
An This can allow unintended command execution, potentially leading to unauthorized actions on the underlying system.This issue affects AION: 2.0
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Affected products
HCL · AIONWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →