CVE-2025-14558

high-risk

Published 2026-03-09

The rtsol(8) and rtsold(8) programs do not validate the domain search list options provided in router advertisement messages; the option body is passed to resolvconf(8) unmodified. resolvconf(8) is a shell script which does not validate its input. A lack of quoting meant that shell commands pass as input to resolvconf(8) may be executed.

Do I need to act?

55.4% chance of exploitation in next 30 days

EPSS score — higher than 45% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

1 public exploit available

52463

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.2/10 High

NETWORK / LOW complexity

Affected Products (16)

Freebsd

Affected Vendors

Freebsd

References (2)

Vendor Advisory https://security.freebsd.org/advisories/FreeBSD-SA-25:12.rtsold.asc

Exploit https://sploitus.com/exploit?id=MSF:EXPLOIT-FREEBSD-MISC-RTSOLD_DNSSL_CMDINJECT-

/ 100

high-risk

Severity 26/34 · High

Exploitability 18/34 · Moderate

Exposure 18/34 · Moderate