CNNVD-202509-2825 Information

CNNVD ID

CNNVD-202509-2825

Related CVE

CVE-2025-10589

• CNNVD Published: 2025-09-17

Description (Chinese)

N-Partner N-Reporter等都是中国N-Partner公司的产品。N-Partner N-Reporter是一个事件查询与报表系统。N-Partner N-Cloud是一个云平台。N-Partner N-Probe是一个流量监控、日志分析和大数据收集与处理平台。 N-Partner多款产品存在操作系统命令注入漏洞，该漏洞源于允许经过身份验证的远程攻击者注入任意OS命令并在服务器上执行。以下产品受到影响：N-Reporter、N-Cloud和N-Probe。

Description (English)

N-Partner N-Reporter and others are products of N-Partner China. N-Partner N-Reporter is an event query and report system. N-Partner N-Claud is a cloud platform. N-Partner N-Probe is a traffic monitoring, log analysis and large data collection and processing platform. N-Partner multi-products have a gap in the operating system command, which arises from allowing a remotely identified attacker to inject any OS order and execute it on the server. The following products were affected: N-Reporter, N-Claud and N-Probe.

Hazard Level

Medium

Vulnerability Type

操作系统命令注入

Affected Vendor

NagVis

Published

2025-09-17

Last Modified

2026-02-24

References

https://www.twcert.org.tw/en/cp-139-10387-b8a4e-2.html https://www.twcert.org.tw/tw/cp-132-10386-231ae-1.html

Patch

https://www.npartner.com/en/