CNNVD-202506-2091 Information

CNNVD ID

CNNVD-202506-2091

Related CVE

CVE-2025-34511

• CNNVD Published: 2025-06-17

Description (Chinese)

Sitecore PowerShell Extensions是丹麦Sitecore公司的一款Powershell扩展。 Sitecore PowerShell Extensions 7.0及之前版本存在安全漏洞，该漏洞源于文件上传不受限制，可能导致远程代码执行。

Description (English)

Sitecore PowerShell Extensions is a Powershell extension of the Danish company Sitecore. There is a security loophole in Sitecore PowerShell Extensions 7.0 and previous versions, which stems from unrestricted uploading of documents and may result in remote code execution.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

Sitecore

Published

2025-06-17

Last Modified

2026-02-24

References

https://labs.watchtowr.com/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform/ https://cxsecurity.com/issue/WLB-2025090008 https://nvd.nist.gov/vuln/detail/CVE-2025-34511 https://access.redhat.com/security/cve/cve-2025-34511