Two critical vulnerabilities in ScriptCase’s prod console could allow attackers to execute code remotely and reset administrator passwords without authorization. Immediate mitigation by restricting access and monitoring for updates is essential to prevent full server compromise. #ScriptCase #CVE-2025-47227 #CVE-2025-47228
Key points
- Two high-severity vulnerabilities affect ScriptCase’s Production Environment module.
- CVE-2025-47227 allows remote password reset without authentication.
- CVE-2025-47228 facilitates remote command execution after authentication.
- Attackers can exploit these flaws remotely, bypassing typical security measures.
- Currently, no official fix is available; users should restrict access and monitor for updates.
Read More: https://gbhackers.com/scriptcase-vulnerabilities/