Groov Rio Grv R7 Mm1001 10
Approved changes feed: RSS · Atom
cpe:2.3:a:opto22:groov_rio_grv-r7-mm1001-10:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Opto22 (aaa94f4b-cda7-5382-b637-0d421d319810) |
|---|---|
| Product | Groov Rio Grv R7 Mm1001 10 (98615657-1fc7-5c35-958f-b85d9e7dafc7) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-13087 |
vulnerable | 2026-06-08 07:04:31.552475 |
Command Injection in Opto22 Groov REST API
MEDIUM (6.2)
A vulnerability exists in the Opto22 Groov Manage REST API on GRV-EPIC and groov RIO Products that allows remote code execution with root privileges. When a POST request is executed against the vulnerable endpoint, the application reads certain header details and unsafely uses these values to build commands, allowing an attacker with administrative privileges to inject arbitrary commands that execute as root.
Published: 2025-11-20T21:32:37.510Z
Updated: 2025-11-21T16:01:40.324Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.