CVE-2025-30055
Conditional RCE via the "system" function
The "system" function receives untrusted input from the user. If the "EnableJSCaching" option is enabled, it is possible to execute arbitrary code provided as the "Module" parameter.
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Affected products
CGM · CGM CLININETWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →