CNNVD-202510-4407 Information

CNNVD ID

CNNVD-202510-4407

Related CVE

CVE-2025-64348

• CNNVD Published: 2025-10-31

Description (Chinese)

ELog是Stefan Ritt个人开发者的一款有Web界面的电子日志软件。 ELog存在安全漏洞，该漏洞源于认证用户可修改或覆盖配置文件，可能导致拒绝服务。如果启用执行功能，攻击者可在主机上执行OS命令。

Description (English)

ELog is Stefan Ritt’s personal developer of an electronic log software with a Web interface. ELog has a security loophole, which stems from the authentication user ’ s ability to modify or overwhelm the configuration file and may lead to the denial of the service. If the performance function is enabled, the assailant can execute the OS order on the host.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-10-31

Last Modified

2026-02-24

References

https://bitbucket.org/ritt/elog/commits/7092ff64f6eb9521f8cc8c52272a020bf3730946 https://bitbucket.org/ritt/elog/commits/f81e5695c40997322fe2713bfdeba459d9de09dc https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-304-01.json https://www.cve.org/CVERecord?id=CVE-2025-64348