CNNVD-202508-3444 Information

CNNVD ID

CNNVD-202508-3444

Related CVE

CVE-2025-58072

• CNNVD Published: 2025-08-28

Description (Chinese)

DOS & CO SS1是日本DOS & CO公司的一个资产管理工具。 DOS & CO SS1 16.0.0.10及之前版本存在路径遍历漏洞，该漏洞源于路径名限制不当，可能导致远程未经验证攻击者查看任意文件。

Description (English)

DOS & CO SS1 is an asset management tool for DOS & CO in Japan. DOS & CO SS1 16.0.0.10 & previous versions have a loophole in the path, which results from inappropriate path name limitations, which may result in remote unverified access to random files by assailants.

Hazard Level

Medium

Vulnerability Type

路径遍历

Affected Vendor

DOS & CO

Published

2025-08-28

Last Modified

2026-02-24

References

https://www.dos-osaka.co.jp/news/2025/08/250827.html https://jvn.jp/en/jp/JVN99577552/ https://nvd.nist.gov/vuln/detail/CVE-2025-58072

Patch

https://www.dos-osaka.co.jp/news/2025/08/250827.html