CNNVD-202510-2456 Information
CNNVD ID
CNNVD-202510-2456
Related CVE
- CNNVD Published: 2025-10-17
Description (Chinese)
Streamax Crocus是中国锐明(Streamax)公司的一个用于减少商用车减少交通事故和货物丢失的系统。 Streamax Crocus 1.3.40版本存在路径遍历漏洞,该漏洞源于对文件/Service.do中参数Path的错误操作,可能导致路径遍历攻击。
Description (English)
Streamax Crocus is a system used by Straamax China to reduce traffic accidents and cargo losses in commercial vehicles. There is a path-to-path loophole in version Stremax Crocus 1.3.40, which stems from an error of operation on the parameter Path in file/Service.do, which could lead to a path-to-path attack.
Hazard Level
High
Vulnerability Type
路径遍历
Affected Vendor
锐明
Published
2025-10-17
Last Modified
2026-02-24
References
https://github.com/FightingLzn9/vul/blob/main/%E6%B7%B1%E5%9C%B3%E5%B8%82%E9%94%90%E6%98%8E%E6%8A%80%E6%9C%AF%E8%82%A1%E4%BB%BD%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8Crocus%E7%B3%BB%E7%BB%9F-6.md https://vuldb.com/?ctiid.328923 https://vuldb.com/?id.328923 https://vuldb.com/?submit.671480 https://access.redhat.com/security/cve/cve-2025-11913
Share on: