CRITICAL 9.8

PYSEC-2025-149

상세

A remote code execution (RCE) vulnerability in the Plugin Management component of OpenC3 COSMOS v6.0.0 allows attackers to execute arbitrary code via uploading a crafted .txt file.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

PyPI / openc3

최초 영향 버전: 0

No fixed version published yet for openc3 (pip). Pin to a known-safe version or switch to an alternative.

참고

https://openc3.com/ [WEB]
https://visionspace.com/openc3-cosmos-a-security-assessment-of-an-open-source-mission-framework/ [EVIDENCE]