CNNVD-202509-607 Information
CNNVD ID
CNNVD-202509-607
Related CVE
- CNNVD Published: 2025-09-04
Description (Chinese)
Progress Software OpenEdge是美国Progress Software公司的一套集成开发环境(IDE)。 Progress Software OpenEdge存在命令注入漏洞,该漏洞源于Java RMI接口输入验证不足,可能导致远程命令执行攻击。
Description (English)
Progress Software OpenEdge is an integrated development environment (IDE) for the United States company Progress Software. Progress Software OpenEdge had a command leak, which stemmed from inadequate input validation of the Java RMI interface, which could lead to a remote command execution attack.
Hazard Level
Medium
Vulnerability Type
命令注入
Affected Vendor
Progress Software
Published
2025-09-04
Last Modified
2026-02-24
References
https://community.progress.com/s/article/Important-RCE-Security-Update-for-OpenEdge-AdminServer
Patch
https://docs.progress.com/bundle/openedge-life-cycle/page/OpenEdge-Life-Cycle.html?_gl=11m15iad_gcl_auNDExNTc5Njg5LjE3NTcwMzg2NjQ._gaMTkzNDAxNTIxNi4xNzU3MDM4NjY0_ga_9JSNBCSF54*czE3NTcwMzg2NjMkbzEkZzEkdDE3NTcwMzk4NzkkajUyJGwwJGgw
Share on: