A critical vulnerability (CVE-2025-52562) in Performave Convoy—a KVM server management panel widely used by hosting providers—enables unauthenticated attackers to execute arbitrary code on affected systems. Rated the maximum CVSS score of 10.0, this flaw exposes servers to complete compromise without requiring authentication. Vulnerability Summary According to the Github report, the flaw resides in Convoy’s LocaleController component, where […]

The post Critical Convoy Flaw Allows Remote Code Execution on Servers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/critical-convoy-flaw/