CVE-2018-25159 | Epross AVCON6 systems management platform contains an object… | CVSS 9.8 CRITICAL

Description

Epross AVCON6 systems management platform contains an object-graph navigation language (OGNL) injection vulnerability that allows unauthenticated attackers to execute arbitrary commands by injecting malicious OGNL expressions. Attackers can send crafted requests to the login.action endpoint with OGNL payloads in the redirect parameter to instantiate ProcessBuilder objects and execute system commands with root privileges.

Metadata

CVE ID: CVE-2018-25159
State: PUBLISHED
Assigner: VulnCheck
Reserved: 2026-02-22 14:41 UTC
Published: 2026-03-11 18:23 UTC
Last updated: 2026-04-07 14:03 UTC
Primary CWE: CWE-1334
CWE-1334 Unauthorized Error Injection Can Degrade Hardware R…
Vendor / Product: Epross / AVCON6 systems management platform
Sources: cve.org · NVD

Severity & Metrics

9.8 CRITICAL CVSS 3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC — CISA Coordinator

Exploitation: PoC
Automatable: yes
Tech. Impact: total

Affected products (1)

Vendor	Product	Platform	Versions
Epross	AVCON6 systems management platform	—	*

Weakness (CWE)

CWE	Source	Description
CWE-1334	cna	CWE-1334 Unauthorized Error Injection Can Degrade Hardware Redundancy

CVSS scores (2)

Score	Severity	Version	Source	Vector
9.8	CRITICAL	3.1	cna	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3	CRITICAL	4.0	cna	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

References (2)

ExploitDB-47379 https://www.exploit-db.com/exploits/47379
VulnCheck Advisory: Epross AVCON6 OGNL Remote Code Execution via login.action https://www.vulncheck.com/advisories/epross-avcon6-ognl-remote-code-execution-via-login-action