CNNVD-202507-1537 Information

CNNVD ID

CNNVD-202507-1537

Related CVE

CVE-2025-34098

• CNNVD Published: 2025-07-10

Description (Chinese)

Riverbed SteelHead VCX是美国Riverbed公司的一个广域网优化软件。 Riverbed SteelHead VCX 9.6.0a版本存在安全漏洞，该漏洞源于日志过滤功能中的路径遍历问题，可能导致任意文件读取。

Description (English)

Riverbed Steel Head VCX is a wide area network optimization software for Riverbed, United States. The Riverbed Steel Head VCX 9.6.0a version has a security loophole, which stems from the routing problem in the log filter, which may lead to any file reading.

Hazard Level

High

Vulnerability Type

信息泄露

Affected Vendor

Riverbed

Published

2025-07-10

Last Modified

2026-02-24

References

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/scanner/ https://vulncheck.com/advisories/riverbed-steel-head-vcx-authenticated-arbitrary-file-read https://www.exploit-db.com/exploits/42101 https://nvd.nist.gov/vuln/detail/CVE-2025-34098