CNNVD-202509-2243 Information

CNNVD ID

CNNVD-202509-2243

Related CVE

CVE-2025-59361

• CNNVD Published: 2025-09-15

Description (Chinese)

Chaos Mesh是Chaos Mesh开源的一个开源的云原生工程平台。 Chaos Mesh存在操作系统命令注入漏洞，该漏洞源于cleanIptables存在OS命令注入，可能导致远程代码执行。

Description (English)

Chaos Mesh is an open-source cloud-based engineering platform for Chaos Mesh. Chaos Mesh has an operational system command-infusion loophole, which originates from a OS-inventory of cleanIptables, which may lead to remote code enforcement.

Hazard Level

Low

Vulnerability Type

操作系统命令注入

Affected Vendor

Chaos Mesh

Published

2025-09-15

Last Modified

2026-02-24

References

https://github.com/chaos-mesh/chaos-mesh/pull/4702 https://jfrog.com/blog/chaotic-deputy-critical-vulnerabilities-in-chaos-mesh-lead-to-kubernetes-cluster-takeover