CNNVD-202510-3227 Information

CNNVD ID

CNNVD-202510-3227

Related CVE

CVE-2025-62713

• CNNVD Published: 2025-10-23

Description (Chinese)

Kottster是kottster开源的一个即时Node.js管理面板。安全、自托管且易于设置。 Kottster 3.2.0版本至3.3.2之前版本存在访问控制错误漏洞，该漏洞源于开发模式下存在预认证远程代码执行漏洞。

Description (English)

Kotster is an instant Node.js management panel of the Kottster open source. It is safe, self-serving and easy to set. Prior versions of Kotster 3.2.0 to 3.3.2, there was a bug in access control, which stemmed from a pre-certified remote code enforcement gap under the development model.

Hazard Level

Medium

Vulnerability Type

访问控制错误

Affected Vendor

kottster

Published

2025-10-23

Last Modified

2026-02-24

References

https://github.com/kottster/kottster/commit/0a7d24922a23aac98372155348787670937eef89 https://github.com/kottster/kottster/security/advisories/GHSA-j3w7-9qc3-g96p

Patch

https://github.com/kottster/kottster/releases