Skip to main content

Bondix Server

1 CVEs product

Monthly

CVE-2026-12104 HIGH This Week

Authenticated OS command injection in SIMA GmbH Bondix Server through 1.25.7.5 on Linux allows an attacker with configuration write privileges to execute arbitrary operating-system commands by supplying crafted values in the environment and tunnel configuration that are passed unsanitized to server-side scripts. The flaw was reported by NCSC.ch and carries a CVSS 4.0 base score of 8.6 (High); no public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV.

Command Injection Bondix Server
NVD VulDB
CVSS 4.0
8.6
EPSS
1.1%
EPSS 1% CVSS 8.6
HIGH This Week

Authenticated OS command injection in SIMA GmbH Bondix Server through 1.25.7.5 on Linux allows an attacker with configuration write privileges to execute arbitrary operating-system commands by supplying crafted values in the environment and tunnel configuration that are passed unsanitized to server-side scripts. The flaw was reported by NCSC.ch and carries a CVSS 4.0 base score of 8.6 (High); no public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV.

Command Injection Bondix Server
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy