CNNVD-202508-3658 Information
CNNVD ID
CNNVD-202508-3658
Related CVE
- CNNVD Published: 2025-08-30
Description (Chinese)
XAMPP是一个易于安装的 Apache 发行版,包含 MariaDB、PHP 和 Perl。该产品主要用于构建网页服务器。 Apache Friends XAMPP 1.7.3版本存在安全漏洞,该漏洞源于默认WebDAV配置使用默认凭据,可能导致任意PHP代码上传和执行。
Description (English)
XAMPP is an easily installed Apache distribution, including MariaDB, PHP and Perl. The product is used mainly for the construction of web servers. There is a security loophole in version 1.7.3 of Apache Friens XAMP, which stems from the default use of the WebDAV configuration with a default certificate, which could lead to any PHP code upload and execution.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Apache Friends
Published
2025-08-30
Last Modified
2026-02-24
References
https://www.vulncheck.com/advisories/xampp-webdav-php-upload-auth-bypass-rce https://www.exploit-db.com/exploits/18367 https://www.apachefriends.org/index.html https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ https://nvd.nist.gov/vuln/detail/CVE-2012-10062 https://access.redhat.com/security/cve/cve-2012-10062
Patch
https://www.apachefriends.org/index.html
Share on: