CNNVD-202506-3005 Information
CNNVD ID
CNNVD-202506-3005
Related CVE
- CNNVD Published: 2025-06-23
Description (Chinese)
SysmonElixir是Bocaletto Luca个人开发者的一个系统监视软件。 SysmonElixir 1.0.1之前版本存在路径遍历漏洞,该漏洞源于/read端点默认可读取服务器/etc/passwd文件。
Description (English)
Sysmon Elixir is a system surveillance software for Bocaletto Luca personal developers. The previous version of Sysmon Elixir 1.0 has a loophole in the path, which originated from the /readend default readable server/etc/passwd file.
Hazard Level
Medium
Vulnerability Type
路径遍历
Affected Vendor
Live Support
Published
2025-06-23
Last Modified
2026-02-24
References
https://github.com/bocaletto-luca/elixir-system-monitor/security/advisories/GHSA-9vj4-rv7q-36qj https://github.com/bocaletto-luca/elixir-system-monitor/commit/647a5525f6667a28f1133985213dd080ea11bb87 https://access.redhat.com/security/cve/cve-2025-52574 https://nvd.nist.gov/vuln/detail/CVE-2025-52574
Patch
https://github.com/bocaletto-luca/elixir-system-monitor/releases
Share on: