CNNVD-202508-3165 Information

Aug 27, 2025 cve

CNNVD ID

CNNVD-202508-3165

CVE-2024-13981

CNNVD Published: 2025-08-27

Description (Chinese)

Apex LiveBOS是中国顶点（Apex）公司的一款快速开发工具。 Apex LiveBOS存在安全漏洞，该漏洞源于路径遍历，可能导致任意文件上传和远程代码执行。

Description (English)

Apex LiveBOS is a fast-track development tool for Apex. There is a security loophole in Apex LiveBOS, which stems from the routing, which may lead to any document uploading and remote code execution.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

顶点

Published

2025-08-27

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/livebos-uploadfile-arbitrary-file-upload https://www.apexsoft.com.cn/platform/index.html https://github.com/folio2008/POC_wy876/blob/main/LiveBOS/%E7%81%B5%E5%8A%A8%E4%B8%9A%E5%8A%A1%E6%9E%B6%E6%9E%84%E5%B9%B3%E5%8F%B0%28LiveBOS%29%E7%B3%BB%E7%BB%9FUploadFile.do%E6%8E%A5%E5%8F%A3%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E%28XVE-2023-21708%29.md https://cn-sec.com/archives/3041179.html https://blog.csdn.net/weixin_53009585/article/details/140853891 https://blog.csdn.net/jingke666/article/details/140855251 https://axsec.blog.csdn.net/article/details/140847466 https://nvd.nist.gov/vuln/detail/CVE-2024-13981

Share on: