CVE-2025-1546 | BDCOM Behavior Management and Auditing System up to 20250210 operate.mds log_operate_clear start_code os command injection

CVE-2025-1546 | BDCOM Behavior Management and Auditing System up to 20250210 operate.mds log_operate_clear start_code os command injection

A vulnerability has been found in BDCOM Behavior Management and Auditing System up to 20250210 and classified as critical. Affected by this vulnerability is the function log_operate_clear of the file /webui/modules/log/operate.mds. The manipulation of the argument start_code leads to os command injection. This vulnerability is known as CVE-2025-1546. The attack can be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.