CNNVD-202509-4440 Information
Sep 30, 2025
cve
CNNVD ID
CNNVD-202509-4440
Related CVE
- CNNVD Published: 2025-09-30
Description (Chinese)
MegaSys Telenium Online Web Application是美国MegaSys公司的一个网络管理模块。 MegaSys Telenium Online Web Application存在操作系统命令注入漏洞,该漏洞源于PHP端点未正确验证或清理用户输入,可能导致远程代码执行。
Description (English)
MegaSys Telenium Online Web Application is a web management module of MegaSys in the United States. MegaSys Telenium Online Web Application has a bug in the operating system command, which arises from the incorrect validation or clean-up of user input at the PHP endpoint, which may result in remote code execution.
Hazard Level
Low
Vulnerability Type
操作系统命令注入
Affected Vendor
MegaSys
Published
2025-09-30
Last Modified
2026-02-24
References
https://support.portal.megasys.com/ https://www.cisa.gov/news-events/ics-advisories/icsa-25-273-01
Patch
https://support.portal.megasys.com/servicedesk/customer/user/login?destination=portals
Share on: