CVSS: 9.0 • EPSS: 0% • CPEs: 1 • EXPL: 0

04 Feb 2025 — reNgine is an automated reconnaissance framework for web applications. An unrestricted project deletion vulnerability allows attackers with specific roles, such as `penetration_tester` or `auditor` to delete all projects in the system. This can lead to a complete system takeover by redirecting the attacker to the onboarding page, where they can add or modify users, including Sys Admins, and configure critical settings like API keys and user preferences. This issue affects all versions up to and including 2.... • https://github.com/yogeshojha/rengine/security/advisories/GHSA-3327-6x79-q396 • CWE-284: Improper Access Control •

CVSS: 7.4 • EPSS: 0% • CPEs: 1 • EXPL: 0

04 Feb 2025 — reNgine is an automated reconnaissance framework for web applications. A stored cross-site scripting (XSS) vulnerability exists in the admin panel's user management functionality. An attacker can exploit this issue by injecting malicious payloads into the username field during user creation. This vulnerability allows unauthorized script execution whenever the admin views or interacts with the affected user entry, posing a significant risk to sensitive admin functionalities. This issue affects all versions u... • https://github.com/yogeshojha/rengine/security/advisories/GHSA-23wx-5q5w-334w • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1 • EPSS: 0% • CPEs: 1 • EXPL: 0

04 Feb 2025 — reNgine is an automated reconnaissance framework for web applications. HTML Injection occurs when an application improperly validates or sanitizes user inputs, allowing attackers to inject arbitrary HTML code. In this scenario, the vulnerability exists in the "Add Target" functionality of the application, where the Target Organization and Target Description fields accept HTML payloads. The injected HTML is rendered and executed in the target area, potentially leading to malicious actions. Exploitation of HT... • https://github.com/yogeshojha/rengine/security/advisories/GHSA-4phc-m2wm-p8x6 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

03 Feb 2025 — reNgine is an automated reconnaissance framework for web applications. A vulnerability was discovered in reNgine, where **an insider attacker with any role** (such as Auditor, Penetration Tester, or Sys Admin) **can extract sensitive information from other reNgine users.** After running a scan and obtaining vulnerabilities from a target, the attacker can retrieve details such as `username`, `password`, `email`, `role`, `first name`, `last name`, `status`, and `activity information` by making a GET request t... • https://github.com/yogeshojha/rengine/commit/a658b8519f1a3347634b04733cf91ed933af1f99 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 8.7 • EPSS: 0% • CPEs: 1 • EXPL: 0

03 Feb 2025 — reNgine is an automated reconnaissance framework for web applications. In affected versions a user can inject commands via the nmap_cmd parameters. This issue has been addressed in commit `c28e5c8d` and is expected in the next versioned release. Users are advised to filter user input and monitor the project for a new release. • https://github.com/yogeshojha/rengine/commit/c28e5c8d304478a787811580b4d80b330920ace4 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVSS: 5.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

16 Aug 2024 — reNgine is an automated reconnaissance framework for web applications. Versions 2.1.2 and prior are susceptible to Stored Cross-Site Scripting (XSS) attacks. This vulnerability occurs when scanning a domain: if the target domain's DNS record contains an XSS payload, it leads to the execution of malicious scripts in reNgine's dashboard view when any user views the scan results. The XSS payload is directly fetched from the DNS record of the remote target domain. Consequently, an attacker can execute t... • https://github.com/yogeshojha/rengine/commit/064bac1c7c4d2b90745bf225c92e74d83edb7a4d • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') • CWE-87: Improper Neutralization of Alternate XSS Syntax •

CVSS: 9.0 • EPSS: 51% • CPEs: 1 • EXPL: 2

01 Jan 2024 — reNgine through 2.0.2 allows OS Command Injection if an adversary has a valid session ID. The attack places shell metacharacters in an api/tools/waf_detector/?url= string. The commands are executed as root via subprocess.check_output. • https://github.com/Zierax/CVE-2023-50094_POC • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 1

22 May 2022 — OS Command Injection in GitHub repository yogeshojha/rengine prior to 1.2.0. • https://github.com/yogeshojha/rengine/commit/8277cec0f008a0451371a92e7e0bf082ab3f0c34 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 1

20 May 2022 — Rengine v1.0.2 was discovered to contain a remote code execution (RCE) vulnerability via the yaml configuration function. • https://github.com/zongdeiqianxing/rengine/issues/1 •