CNNVD-202507-3520 Information

CNNVD ID

CNNVD-202507-3520

Related CVE

CVE-2025-53695

• CNNVD Published: 2025-07-28

Description (Chinese)

Johnson Controls iSTAR Ultra是美国江森自控（Johnson Controls）公司的一款门禁控制器。提供网络弹性和更快的处理速度。 Johnson Controls iSTAR Ultra存在安全漏洞，该漏洞源于Web应用程序存在OS命令注入，可能导致权限提升。

Description (English)

Johnson Controls iSTAR Ultra is a door-ban controller for Johnson Controls in the United States. Provide network flexibility and faster processing. There is a security loophole in Johnson Controls iSTAR Ultra, which stems from the presence of an OS-injected Web application, which may lead to an increase in privileges.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

江森自控

Published

2025-07-28

Last Modified

2026-02-24

References

https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/refs/heads/main/2025-03.txt https://access.redhat.com/security/cve/cve-2025-53695