CNNVD-202509-3760 Information
Sep 23, 2025
cve
CNNVD ID
CNNVD-202509-3760
Related CVE
- CNNVD Published: 2025-09-23
Description (Chinese)
Viessmann Vitogate 300是德国Viessmann公司的一款通信网关。 Viessmann Vitogate 300存在安全漏洞,该漏洞源于/cgi-bin/vitogate.cgi端点中form JSON参数设置为form-0-2时,未正确清理输入,可能导致OS命令注入攻击。
Description (English)
Viessmann Vitogate 300 is a communications gateway for Viessmann, Germany. Viessmann Vitogate 300 has a security loophole, which originates from the Form JSON parameter set to form-0-2 at the /cgi-bin/vitogate.cgi end point, which did not properly clean up the input and could lead to an OS command injection attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Viessmann
Published
2025-09-23
Last Modified
2026-02-24
References
https://www.corporate.carrier.com/product-security/advisories-resources/
Patch
https://www.corporate.carrier.com/product-security/advisories-resources/
Share on: