CNNVD-202507-3489 Information

CNNVD ID

CNNVD-202507-3489

Related CVE

CVE-2025-8259

• CNNVD Published: 2025-07-28

Description (Chinese)

Vaelsys V4是西班牙Vaelsys公司的一款人工智能视频分析平台。 Vaelsys V4 4.1.0版本存在命令注入漏洞，该漏洞源于文件/grid/vgrid_server.php中参数xajaxargs的错误操作导致os命令注入。

Description (English)

Vaelsys V4 is an artificial smart video analysis platform for Vaelsys in Spain. Version Vaelsys V4 4.1.0 contains a command-injecting loophole, which arises from the error of the parameter xajaxargs in the file/grid/vgrid server.php, resulting in the Os command-injection.

Hazard Level

Medium

Vulnerability Type

命令注入

Affected Vendor

Vaelsys

Published

2025-07-28

Last Modified

2026-02-24

References

https://vuldb.com/?id.317847 https://vuldb.com/?ctiid.317847 https://vuldb.com/?submit.616920 https://github.com/waiwai24/0101/blob/main/CVEs/Vaelsys/Remote_Code_Execution_in_Vaelsys_V4_Platform.md https://access.redhat.com/security/cve/cve-2025-8259