Main Vulnerability Database Exploits ID:12261 - Exploit for Code Injection in SXZOS - CVE-2025-54322

ID:12261 - Exploit for Code Injection in SXZOS - CVE-2025-54322

Published: January 9, 2026

Vulnerability identifier: #VU120875

Vulnerability risk: Critical

CVE-ID: CVE-2025-54322

CWE-ID: CWE-94

Exploitation vector: Remote access

Vulnerable software:
SXZOS

Link to public exploit:

https://github.com/nkuty/CVE-2025-54322-exploit

Vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a missing input validation in vLogin.py script when processing based64-encoded data. A remote non-authenticated attacker can send a specially crafted HTTP request with encoded Pythin code and execute it on the system with root privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

ID:12261 - Exploit for Code Injection in SXZOS - CVE-2025-54322

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human