CNNVD-202510-3200 Information
CNNVD ID
CNNVD-202510-3200
Related CVE
- CNNVD Published: 2025-10-23
Description (Chinese)
Veeder-Root TLS4B Automatic Tank Gauge System是美国Veeder-Root公司的一套用于加油站、油库或工业储罐的安全管理系统。 Veeder-Root TLS4B Automatic Tank Gauge System存在命令注入漏洞,该漏洞源于SOAP接口可通过Web服务处理程序访问,可能导致远程命令执行和完整shell访问。
Description (English)
Veeder-Root TLS4B Automatic Tank Gauge System is a security management system for petrol stations, fuel depots or industrial tanks used by the United States company Veeler-Root. Veeder-Root TLS4B Automatic Tank Gauge System has a command gap, which stems from the fact that the SOAP interface can be accessed through the Web Service Processing Program, which may result in remote command execution and full shell access.
Hazard Level
Low
Vulnerability Type
命令注入
Affected Vendor
Veeder-Root
Published
2025-10-23
Last Modified
2026-02-24
References
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-03.json https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-03 https://www.veeder.com/us/network-security-reminder https://www.veeder.com/us/software-downloads
Patch
https://www.veeder.com/us/software-downloads
Share on: