CNNVD-202508-3445 Information

CNNVD ID

CNNVD-202508-3445

Related CVE

CVE-2025-54819

• CNNVD Published: 2025-08-28

Description (Chinese)

DOS & CO SS1是日本DOS & CO公司的一个资产管理工具。 DOS & CO SS1 16.0.0.10及之前版本存在路径遍历漏洞，该漏洞源于路径名限制不当，可能导致远程经验证攻击者覆盖合法文件。

Description (English)

DOS & CO SS1 is an asset management tool for DOS & CO in Japan. DOS & CO SS1 16.0.0.10 & previous versions have a loophole in the path, which arises from inappropriate path name limitations, which may result in remote empirical evidence that the attackers are covering legitimate documents.

Hazard Level

High

Vulnerability Type

路径遍历

Affected Vendor

DOS & CO

Published

2025-08-28

Last Modified

2026-02-24

References

https://www.dos-osaka.co.jp/news/2025/08/250827.html https://jvn.jp/en/jp/JVN99577552/ https://nvd.nist.gov/vuln/detail/CVE-2025-54819

Patch

https://www.dos-osaka.co.jp/news/2025/08/250827.html