CNNVD-202507-706 Information
Jul 07, 2025
cve
CNNVD ID
CNNVD-202507-706
Related CVE
- CNNVD Published: 2025-07-07
Description (Chinese)
Mescius ActiveReports.NET是日本Mescius公司的一款.NET报表工具。 Mescius ActiveReports.NET存在代码问题漏洞,该漏洞源于ReadValue方法未正确验证用户提供数据,可能导致反序列化攻击和远程代码执行。
Description (English)
Mescius Active Reports.NET is a NET reporting tool for Mescius, Japan. Mescius Active Reports.NET had a code gap, which stemmed from the fact that the ReadValue method did not correctly validate the data provided by the user, which could lead to a back-serialized attack and remote code execution.
Hazard Level
Low
Vulnerability Type
代码问题
Affected Vendor
Meshery
Published
2025-07-07
Last Modified
2026-02-24
References
https://www.zerodayinitiative.com/advisories/ZDI-25-448/
Patch
https://developer.mescius.com/activereportsnet/download
Share on: