The rtsol(8) and rtsold(8) programs do not validate the domain search list options provided in router advertisement messages, the option body is passed to resolvconf(8) unmodified.
resolvconf(8) is a shell script which does not validate its input. A lack of quoting meant that shell commands pass as input to resolvconf(8) may be executed.
Published: 2026-03-09
CVSS: 7.2
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Download Exploit for CVE-2025-14558 here:
Tip: Download official Tor Browser at https://www.torproject.org/download/ to access .onion links.
https://augustaverburg.nl/exploit-786-cve-2025-62199/
https://augustaverburg.nl/exploit-814-cve-2024-21140/
https://augustaverburg.nl/exploit-196-cve-2024-2511/
https://augustaverburg.nl/exploit-453-cve-2023-0466/