CNNVD-202510-3317 Information

CNNVD ID

CNNVD-202510-3317

Related CVE

CVE-2025-60938

• CNNVD Published: 2025-10-25

Description (Chinese)

Emoncms是Emoncms开源的一款开源的Web应用程序。该程序主要用于处理、记录和显示能源、温度和其他环境数据。 Emoncms 11.7.3版本存在安全漏洞，该漏洞源于对文件/admin/upload-custom-firmware中参数filename、port、baud_rate、core和autoreset的输入验证不足，可能导致远程代码执行。

Description (English)

Emoncms is an open-source Web application for Emoncms. The program is primarily used to process, record and display energy, temperature and other environmental data. Release 11.7.3 of Emóncms contains a security loophole that results from inadequate input verification of the parameters file/admin/upload-custom-firmware file file file name, port, Baud rate, core and autoreset, which may lead to remote code execution.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Emoncms

Published

2025-10-25

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/cve-2025-60938

Patch

https://emoncms.org/