CNNVD-202510-3834 Information

CNNVD ID

CNNVD-202510-3834

Related CVE

CVE-2025-1038

• CNNVD Published: 2025-10-28

Description (Chinese)

Hitachi TropOS 4th Gen是日本日立制作所（Hitachi）公司的一款无线通信设备。 Hitachi TropOS 4th Gen存在操作系统命令注入漏洞，该漏洞源于Web配置工具中的Diagnostics Tools页面未正确验证用户输入，可能导致高权限用户注入命令并获取root访问权限。

Description (English)

Hitachi Tropos 4th Gen is a wireless communications equipment of Hitachi, Japan. Hitachi Tropos 4th Gen has a bug in the operating system command, which stems from the incorrect user input on the Diagnostics Tools page in the Web configuration tool, which may lead to high-permissible users injecting the command and getting root access.

Hazard Level

Medium

Vulnerability Type

操作系统命令注入

Affected Vendor

日立制作所

Published

2025-10-28

Last Modified

2026-02-24

References

https://publisher.hitachienergy.com/preview?DocumentID=8DBD000214&LanguageCode=en&DocumentPartId=&Action=Launch https://access.redhat.com/security/cve/cve-2025-1038

Patch

https://publisher.hitachienergy.com/preview?DocumentID=8DBD000214&LanguageCode=en&DocumentPartId=&Action=Launch