CNNVD-202506-3112 Information

CNNVD ID

CNNVD-202506-3112

Related CVE

CVE-2024-56917

• CNNVD Published: 2025-06-24

Description (Chinese)

NetBox是NetBox社区的一款基于Django、PostgreSql 用于IP地址管理（IPAM）和数据中心基础结构管理（DCIM）的工具。 Netbox 4.1.7版本存在安全漏洞，该漏洞源于maintenance banner存在缺陷，可能导致跨站脚本攻击。

Description (English)

NetBox is a tool for the NetBox community based on Django, PostgreSql for IP address management (IPAM) and data centre infrastructure management (DCIM). Version 4.1.7 of Netbox contains a security loophole, which stems from the defects of the Mainnance Banner, which may lead to a cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

NetBox

Published

2025-06-24

Last Modified

2026-02-24

References

https://github.com/netbox-community/netbox/releases/tag/v4.1.7 https://github.com/noxlumens/Vulnerability-Research/tree/main/CVE-2024-56917 https://youtu.be/GC8-PUlu2i8?si=eoScOk8IUJdwPDc_&t=172

Patch

https://github.com/netbox-community/netbox/releases