CVE-2023-53945 – BrainyCP 1.0 Remote Code Execution via Authenticated Crontab Manipulation

https://notcve.org/view.php?id=CVE-2023-53945

19 Dec 2025 — BrainyCP 1.0 contains an authenticated remote code execution vulnerability that allows logged-in users to inject arbitrary commands through the crontab configuration interface. Attackers can exploit the crontab endpoint by adding a malicious command that spawns a reverse shell to a specified IP and port. • https://brainycp.io • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •