CNNVD-202510-3467 Information

CNNVD ID

CNNVD-202510-3467

Related CVE

CVE-2025-62524

• CNNVD Published: 2025-10-27

Description (Chinese)

PILOS是THM开源的一个前端软件。 PILOS 4.8.0之前版本存在安全漏洞，该漏洞源于暴露PHP版本信息，可能导致服务器指纹识别和信息泄露。

Description (English)

PILOS is a front-end software for the THM open source. There was a security loophole in the pre-PILOS 4.8.0, which originated from the exposure of PHP version information, which could lead to the identification and disclosure of server fingerprints.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

THM

Published

2025-10-27

Last Modified

2026-02-24

References

https://github.com/THM-Health/PILOS/commit/14655bc4f8128ffd2b3c25004b01d9a802808da8 https://github.com/THM-Health/PILOS/security/advisories/GHSA-q93h-5j6h-j22x https://access.redhat.com/security/cve/cve-2025-62524

Patch

https://github.com/THM-Health/PILOS/releases