CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-64120

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows OS Command Injection.This issue affects Multi-Stack Controller (MSC): from 2.3.8 before 2.5.1.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.0%

CVSS Severity

CVSS v3 Score 8.8

References

https://www.dragos.com/community/advisories/CVE-2025-64119

Products affected by CVE-2025-64120

Nuvationenergy » Nplatform » Version: Any

cpe:2.3:a:nuvationenergy:nplatform:*
Nuvationenergy » Nuvmsc3-04s-C » Version: N/A

cpe:2.3:h:nuvationenergy:nuvmsc3-04s-c:-
Nuvationenergy » Nuvmsc3-08s-C » Version: N/A

cpe:2.3:h:nuvationenergy:nuvmsc3-08s-c:-
Nuvationenergy » Nuvmsc3-12s-C » Version: N/A

cpe:2.3:h:nuvationenergy:nuvmsc3-12s-c:-
Nuvationenergy » Nuvmsc3-16s-C » Version: N/A

cpe:2.3:h:nuvationenergy:nuvmsc3-16s-c:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-64120

Products

Pricing

Contact Us