CNNVD-202509-3049 Information

Sep 19, 2025 cve

CNNVD ID

CNNVD-202509-3049

CVE-2025-57644

CNNVD Published: 2025-09-19

Description (Chinese)

Accela Automation Platform是加拿大Accela公司的一个自动化平台。 Accela Automation Platform 22.2.3.0.230103版本存在安全漏洞，该漏洞源于Test Script功能存在多个问题，包括可执行任意Java代码、输入验证不当，可能导致远程代码执行、任意文件写入和服务端请求伪造攻击。

Description (English)

Accela Automation Platform is an automated platform for the Canadian company Accela. There is a security loophole in version 22.2.3.0230103 of Accela Automation Platform, which stems from a number of problems with the Test Script function, including the possibility of enforcing an arbitrary Java code and inadequate input verification, which may lead to remote code enforcement, arbitrary document writing and requests for a false attack by the service.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Accela

Published

2025-09-19

Last Modified

2026-02-24

References

https://medium.com/@anvarkh/cve-2025-57644-remote-code-execution-ssrf-in-accela-eedc6bc4adfb https://www.accela.com https://access.redhat.com/security/cve/cve-2025-57644

Share on: