CNNVD-202508-370 Information
CNNVD ID
CNNVD-202508-370
Related CVE
- CNNVD Published: 2025-08-05
Description (Chinese)
Kodi Xbmc是美国Kodi基金会的一个免费开源软件媒体播放器和数字媒体娱乐中心。 Kodi Xbmc 2012-11-04及之前版本存在安全漏洞,该漏洞源于HTTP服务器未正确清理URI输入,可能导致路径遍历攻击。
Description (English)
Kodi Xbmc is a free open-source media player and digital media entertainment centre of the Kodi Foundation of the United States. There is a security gap in Kodi Xbmc 2012-11-04 and earlier versions, which stems from the fact that the HTTP server did not properly clean up the URL input, which could lead to a routing attack.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Kodi
Published
2025-08-05
Last Modified
2026-02-24
References
https://github.com/xbmc/xbmc https://github.com/xbmc/xbmc/commit/bdff099c024521941cb0956fe01d99ab52a65335 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/gather/xbmc_traversal.rb https://www.ioactive.com/wp-content/uploads/pdfs/Security_Advisory_XBMC.pdf https://www.vulncheck.com/advisories/xbmc-web-server-path-traversal https://access.redhat.com/security/cve/cve-2012-10024
Patch
https://github.com/xbmc/xbmc/releases
Share on: