CNNVD-202510-2330 Information

CNNVD ID

CNNVD-202510-2330

Related CVE

CVE-2025-34513

• CNNVD Published: 2025-10-16

Description (Chinese)

Ilevia EVE X1 Server是意大利Ilevia公司的一款智能家居与楼宇自动化。 Ilevia EVE X1 Server 4.7.18.0.eden及之前版本存在安全漏洞，该漏洞源于mbus_build_from_csv.php存在OS命令注入，可能导致执行任意代码。

Description (English)

Ilevia EVE X1 Server is an intelligent home and building automation for Ilevia in Italy. Ilevia EVE X1 Server 4.7.18.0.eden and previous versions had a security loophole, which originated from the OS injection of mbus build from csv.php, which could lead to the enforcement of arbitrary codes.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Ilevia

Published

2025-10-16

Last Modified

2026-02-24

References

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5962.php https://www.vulncheck.com/advisories/ilevia-eve-x1-server-unauth-command-injection https://www.ilevia.com/ https://access.redhat.com/security/cve/cve-2025-34513