CNNVD-202507-1534 Information

CNNVD ID

CNNVD-202507-1534

Related CVE

CVE-2025-34095

• CNNVD Published: 2025-07-10

Description (Chinese)

Real Time Logic Mako Server是美国Real Time Logic公司的一个基于Lua的轻量级的Web框架。 Real Time Logic Mako Server 2.5版本和2.6版本存在安全漏洞，该漏洞源于examples/save.lsp端点中的命令注入问题，可能导致远程代码执行。

Description (English)

Real Time Logic Mako Server is a lightweight Web framework based on Lua of Real Time Logic, United States. Real Time Logic Mako Server 2.5 and 2.6 have a security loophole, which stems from command injection problems at the examples/save.lsp endpoint and may lead to remote code execution.

Hazard Level

Low

Vulnerability Type

操作系统命令注入

Affected Vendor

RealDefense

Published

2025-07-10

Last Modified

2026-02-24

References

https://www.exploit-db.com/exploits/43132 https://vulncheck/advisories/mako-server-rce https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/ https://nvd.nist.gov/vuln/detail/CVE-2025-34095