CNNVD-202510-4109 Information

CNNVD ID

CNNVD-202510-4109

Related CVE

CVE-2023-7325

• CNNVD Published: 2025-10-30

Description (Chinese)

Anheng Mingyu Operations and Maintenance Audit and Risk Control System（安恒明御运维审计与风险控制系统）是中国安恒（Anheng）公司的一款运维安全审计、风险监控及合规控制平台。 Anheng Mingyu Operations and Maintenance Audit and Risk Control System 2023-08-10及之前版本存在安全漏洞，该漏洞源于xmlrpc.sock处理程序接受特制XML-RPC请求，可能导致服务器端请求伪造攻击。

Description (English)

Anheng Mingyu Operations and Maintenance Aid and Risk Control System is a transport security audit, risk monitoring and compliance control platform for Anheng Corporation in China. There is a security loophole in the version 2023-08-10 and earlier, which stems from the fact that the xmlrpc.sock processing process accepts a custom-made XML-RPC request, which could lead to a server request for a false attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

安恒

Published

2025-10-30

Last Modified

2026-02-24

References

https://cn-sec.com/archives/1947658.html https://github.com/PeiQi0/PeiQi-WIKI-Book/blob/main/docs/wiki/iot/%E5%AE%89%E6%81%92/%E5%AE%89%E6%81%92%20%E6%98%8E%E5%BE%A1%E8%BF%90%E7%BB%B4%E5%AE%A1%E8%AE%A1%E4%B8%8E%E9%A3%8E%E9%99%A9%E6%8E%A7%E5%88%B6%E7%B3%BB%E7%BB%9F%20xmlrpc.sock%20%E4%BB%BB%E6%84%8F%E7%94%A8%E6%88%B7%E6%B7%BB%E5%8A%A0%E6%BC%8F%E6%B4%9E.md https://www.vulncheck.com/advisories/mingyu-operations-and-maintenance-audit-and-risk-control-system-xmirpc-sock-ssrf