OS Command Injection Vulnerability in Affected Product by Vendor
CVE-2025-55055

6.8MEDIUM

Key Information:

Vendor: Rumpus
Status: Ftp Server
Vendor: CVE Published:; 17 November 2025

What is CVE-2025-55055?

This vulnerability arises from improper neutralization of special elements used in operating system commands. An attacker may exploit this weakness to execute arbitrary commands on the host system, potentially leading to unauthorized information disclosure or service disruption. It is crucial for users of the affected product to implement mitigation measures to secure their systems and prevent exploitation.

Affected Version(s)

FTP Server 9.0.12

References

https://www.gov.il/en/departments/dynamiccollectors/cve_a...

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 17, 2025
Vulnerability Reserved
Aug 6, 2025

Credit

Moshe Mizrahi, Almog Cygel, Naor Yaacob

JSON

Rumpus

What is CVE-2025-55055?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit