CNNVD-202511-476 Information
CNNVD ID
CNNVD-202511-476
Related CVE
- CNNVD Published: 2025-11-06
Description (Chinese)
Advantech DeviceOn/iEdge是中国台湾研华(Advantech)公司的一个边缘设备远程管理与运维平台。 Advantech DeviceOn/iEdge 2.0.2及之前版本存在路径遍历漏洞,该漏洞源于清理不足,可能导致拒绝服务、目录遍历或本地系统账户上下文中的文件读写。
Description (English)
Advantech DeviceOn/iEdge is a remote management and transport platform for peripheral equipment of the Chinese company Advantech. Advantech DeviceOn/iEdge 2.0.2 and previous versions had a routing loophole, which stemmed from a lack of clean-up, which could lead to the denial of services, directory history or document reading and writing in the context of local system accounts.
Hazard Level
Medium
Vulnerability Type
路径遍历
Affected Vendor
研华
Published
2025-11-06
Last Modified
2026-02-24
References
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-310-01.json https://www.advantech.com/emt/contact https://www.cisa.gov/news-events/ics-advisories/icsa-25-310-01
Share on: