CVE-2026-25077
MEDIUM
6.3
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Attack Vector: network
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: low
Integrity: low
Availability: low
Description
Account users are allowed by default to register templates to be downloaded directly to primary storage for deploying instances on the KVM hypervisor. Because the template file name is not sanitized, an attacker can register a malicious template and execute arbitrary code on the KVM hosts. This can result in compromise of resource integrity and confidentiality, data loss, denial of service, and loss of availability of the KVM-based infrastructure managed by CloudStack.
Users are recommended to upgrade to Apache CloudStack version 4.20.3.0 or 4.22.0.1, or later, which fix this issue.
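The flaw class described above (a user-supplied template file name reaching a command on the KVM host without sanitization) is illustrated by the following added example. It is not Apache CloudStack code and does not reproduce the project's internals; the function names, POOL_DIR, the allowlist pattern, and the use of printf as a stand-in for whatever tool the host actually runs (downloader, qemu-img, etc.) are all assumptions for illustration. The unsafe handler interpolates the name into a shell string; the hardened one validates the name against an allowlist, confirms the resolved path stays inside the pool directory, and invokes the tool as an argv list with no shell.

```python
"""
Added example (not Apache CloudStack code): a user-controlled template
file name reaching a host-side shell command, beside a hardened handler.
POOL_DIR, the function names and the printf stand-in are assumptions.
"""
import os
import re
import subprocess

# Assumed primary-storage directory on the KVM host.
POOL_DIR = "/var/lib/libvirt/images"


def stage_template_unsafe(template_name: str) -> list[str]:
    """Vulnerable pattern: the caller-supplied name is interpolated into a
    shell command string, so any shell metacharacters in it are executed.
    Returns the lines the shell printed (two lines proves injection)."""
    dest = f"{POOL_DIR}/{template_name}"
    cmd = f"printf '%s\\n' {dest}"  # printf stands in for the real host tool
    out = subprocess.run(cmd, shell=True, capture_output=True,
                         text=True, check=False)
    return out.stdout.splitlines()


# Allowlist: must start alphanumeric (so "." and ".." are out), then a
# conservative character set; no "/", whitespace or shell metacharacters.
_NAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,127}")


def safe_template_path(template_name: str, pool_dir: str = POOL_DIR) -> str:
    """Validate the name, then confirm the resolved path is directly under
    the pool directory (defence in depth if the allowlist is ever relaxed)."""
    if not _NAME_RE.fullmatch(template_name):
        raise ValueError(f"template name rejected: {template_name!r}")
    pool = os.path.realpath(pool_dir)
    dest = os.path.realpath(os.path.join(pool, template_name))
    if os.path.dirname(dest) != pool:
        raise ValueError(f"template path escapes pool: {dest!r}")
    return dest


def is_acceptable_template_name(template_name: str) -> bool:
    """Boolean form of the check for use at the API boundary."""
    try:
        safe_template_path(template_name)
        return True
    except ValueError:
        return False


def stage_template_safe(template_name: str) -> list[str]:
    """Hardened handler: validated name, argv list, no shell involved, so
    metacharacters in the name can never become commands."""
    dest = safe_template_path(template_name)
    out = subprocess.run(["printf", "%s\n", dest], capture_output=True,
                         text=True, check=True)
    return out.stdout.splitlines()


if __name__ == "__main__":
    benign = "centos-9.qcow2"
    hostile = "x.qcow2; echo INJECTED"   # constructed malicious name
    print(stage_template_unsafe(benign))
    print(stage_template_unsafe(hostile))  # second line shows the injection
    print(stage_template_safe(benign))
    print("hostile accepted:", is_acceptable_template_name(hostile))
```

The two properties worth verifying in any fix for this class of bug are the ones the hardened path enforces: the name is validated at registration time against an allowlist rather than a denylist of metacharacters, and the host-side invocation never passes user-influenced strings through a shell.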
CWE-94
Improper Control of Generation of Code ('Code Injection')
Common Consequences
Security Scopes Affected:
Access Control
Integrity
Confidentiality
Availability
Non-Repudiation
Potential Impacts:
Bypass Protection Mechanism
Gain Privileges Or Assume Identity
Execute Unauthorized Code Or Commands
Hide Activities
Applicable Platforms
Languages:
Interpreted
Technologies:
AI/ML
Application
Cloudstack by Apache
Version Range Affected
From
4.21.0.0
(inclusive)
To
4.22.0.1
(exclusive)
CPE Identifier
cpe:2.3:a:apache:cloudstack:*:*:*:*:*:*:*:*
Application
Cloudstack by Apache
Version Range Affected
From
4.11.0.0
(inclusive)
To
4.20.3.0
(exclusive)
CPE Identifier
cpe:2.3:a:apache:cloudstack:*:*:*:*:*:*:*:*
https://lists.apache.org/thread/n8mt5b7wkpysstb8w7rr9f02kc5cq2xm