CNNVD-202509-2629 Information

Sep 17, 2025 cve

CNNVD ID

CNNVD-202509-2629

CVE-2025-23316

  • CNNVD Published: 2025-09-17

Description (Chinese)

NVIDIA Triton Inference Server是美国英伟达(NVIDIA)公司的一款开源软件,有助于标准化模型部署并在生产中提供快速且可扩展的 AI。 NVIDIA Triton Inference Server存在操作系统命令注入漏洞,该漏洞源于Python后端未正确处理模型控制API中的model name参数,可能导致远程代码执行、拒绝服务、信息泄露和数据篡改。

Description (English)

NVIDIA Triton Reference Server is an open source software for NVIDIA in the United States, which facilitates the deployment of standardized models and provides rapid and scalable AI in production. NVIDIA Triton Investment Server has an operational system command leak, which originates from the incorrect handling of the Model name parameter in the Python backend to control API, which may lead to remote code execution, denial of service, information leaking and data manipulation.

Hazard Level

High

Vulnerability Type

操作系统命令注入

Affected Vendor

NZBGet

Published

2025-09-17

Last Modified

2026-02-24

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5691

Patch

https://nvidia.custhelp.com/app/answers/detail/a_id/5691

Share on: