CNNVD-202507-090 Information
CNNVD ID
CNNVD-202507-090
Related CVE
- CNNVD Published: 2025-07-02
Description (Chinese)
Apache Guacamole是美国阿帕奇(Apache)基金会的一款无客户端的远程桌面网关。该产品支持VNC、RDP和SSH等协议。 Apache Guacamole 1.5.5及之前版本存在输入验证错误漏洞,该漏洞源于未正确验证基于文本协议接收的控制台代码,可能导致执行任意代码。
Description (English)
Apache Guacamole is a client-free remote desktop gateway to the Apache Foundation in the United States. The product supports agreements such as VNC, RDP and SSH. Apache Guacamole 1.5.5 and previous versions had input-validation bugs, which resulted from the incorrect validation of control-desk codes received on the basis of text protocols, which could result in the implementation of any code.
Hazard Level
High
Vulnerability Type
输入验证错误
Affected Vendor
阿帕奇
Published
2025-07-02
Last Modified
2026-02-24
References
https://lists.apache.org/thread/sgs8lplbkrpvd3hrvcnnxh3028h4py70 https://www.oracle.com/security-alerts/cpuoct2025.html https://vigilance.fr/vulnerability/Apache-Guacamole-code-execution-via-Console-Codes-Sequence-47600 https://access.redhat.com/security/cve/cve-2024-35164