CNNVD-202508-1461 Information
CNNVD ID
CNNVD-202508-1461
Related CVE
- CNNVD Published: 2025-08-13
Description (Chinese)
Umbraco CMS是丹麦Umbraco公司的一个内容管理系统。 Umbraco CMS 4.7.1之前版本存在安全漏洞,该漏洞源于codeEditorSave.asmx端点存在路径遍历,可能导致远程代码执行。
Description (English)
Umbraco CMS is a content management system for the Danish company Umbraco. A security loophole existed in the pre-Umbraco CMS 4.7.1, which originated from the routing of the codeEditor Save.asmx endpoint, which could lead to remote code implementation.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Umbraco
Published
2025-08-13
Last Modified
2026-02-24
References
https://github.com/umbraco/Umbraco-CMS https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ http://umbraco.codeplex.com/releases/view/73692 https://web.archive.org/web/20111017174609/ http://blog.gdssecurity.com/labs/2012/7/3/find-bugs-faster-with-a-webmatrix-local-reference-instance.html https://web.archive.org/web/20120707033729/ https://www.exploit-db.com/exploits/19671 https://www.vulncheck.com/advisories/umbraco-cms-rce
Patch
https://github.com/umbraco/Umbraco-CMS/releases
Share on: