CNNVD-202509-2696 Information

CNNVD ID

CNNVD-202509-2696

Related CVE

CVE-2025-59304

• CNNVD Published: 2025-09-17

Description (Chinese)

swetrix是Swetrix开源的一个网络分析、网站速度监控和错误跟踪软件。 swetrix 3.1.1版本至7d8b972之前版本存在安全漏洞，该漏洞源于远程攻击者可通过特制HTTP请求进行目录遍历，可能导致远程代码执行。

Description (English)

swetrix is a web-based analysis, web velocity monitoring and bug tracking software for Sweetrix. There is a security loophole between version swetrix 3.1.1 and pre-version 7d8b972, which stems from the fact that a remote attacker can request a directory through a specially designed HTTP, which may lead to remote code execution.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Sylkat

Published

2025-09-17

Last Modified

2026-02-24

References

https://github.com/Swetrix/swetrix/pull/397 https://access.redhat.com/security/cve/cve-2025-59304

Patch

https://github.com/Swetrix/swetrix/releases