CNNVD-202509-2934 Information

CNNVD ID

CNNVD-202509-2934

Related CVE

CVE-2025-10669

• CNNVD Published: 2025-09-18

Description (Chinese)

Airsonic-Advanced是Airsonic开源的一款音乐流媒体服务器。 Airsonic-Advanced 10.6.0及之前版本存在代码问题漏洞，该漏洞源于Playlist Upload Handler组件未限制上传，可能导致远程攻击。

Description (English)

Airsonic-Advanced is an open-source music stream server. Airsonic-Advanced10.6.0 and previous versions had a code problem loophole, which stemmed from the unrestricted uploading of Playlist Upload Handler components, which could lead to a remote attack.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

Airsonic

Published

2025-09-18

Last Modified

2026-02-24

References

https://github.com/mikecole-mg/security_findings/blob/main/airsonic-advanced/airsonic-rce.md https://vuldb.com/?ctiid.324790 https://vuldb.com/?id.324790 https://vuldb.com/?submit.652356