CNNVD-202506-3104 Information

CNNVD ID

CNNVD-202506-3104

Related CVE

CVE-2024-56918

• CNNVD Published: 2025-06-24

Description (Chinese)

NetBox是NetBox社区的一款基于Django、PostgreSql 用于IP地址管理（IPAM）和数据中心基础结构管理（DCIM）的工具。 Netbox 4.1.7版本存在安全漏洞，该漏洞源于登录页面存在缺陷，可能导致跨站脚本攻击。

Description (English)

NetBox is a tool for the NetBox community based on Django, PostgreSql for IP address management (IPAM) and data centre infrastructure management (DCIM). There is a security loophole in Netbox 4.1.7, which stems from deficiencies on login pages that may lead to cross-site script attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

NetBox

Published

2025-06-24

Last Modified

2026-02-24

References

https://github.com/netbox-community/netbox/releases/tag/v4.1.7 https://github.com/noxlumens/Vulnerability-Research/tree/main/CVE-2024-56918 https://youtu.be/GC8-PUlu2i8?si=cd_dSVno93pCisr-&t=103 https://youtu.be/zBbjNNK79pg

Patch

https://github.com/netbox-community/netbox/releases