CNNVD-202508-779 Information

CNNVD ID

CNNVD-202508-779

Related CVE

CVE-2012-10048

• CNNVD Published: 2025-08-08

Description (Chinese)

Zenoss Core是美国Zenoss公司的一个企业级IT基础设施监控软件。 Zenoss Core 3.x版本存在安全漏洞，该漏洞源于showDaemonXMLConfig端点未清理daemon参数，可能导致命令注入。

Description (English)

Zenoss Core is an enterprise-level IT infrastructure monitoring software for Zenoss in the United States. There is a security loophole in Zenos Core 3.x version, which originates from the clean-up of daemon parameters at the ShowDaemonXMLConfig endpoint, which may lead to command injection.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Zenoss

Published

2025-08-08

Last Modified

2026-02-24

References

https://itsecuritysolutions.org/2012-07-30-zenoss-3.2.1-multiple-security-vulnerabilities/ http://web.archive.org/web/20221203180334/ https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/ https://sourceforge.net/projects/zenoss/ https://www.exploit-db.com/exploits/20205 https://www.exploit-db.com/exploits/37571 https://www.vulncheck.com/advisories/zenoss-command-execution https://access.redhat.com/security/cve/cve-2012-10048