CNNVD-202511-504 Information
CNNVD ID
CNNVD-202511-504
Related CVE
- CNNVD Published: 2025-11-06
Description (Chinese)
Advantech WebAccess/VPN是中国台湾研华(Advantech)公司的一款高级网络安全平台。 Advantech WebAccess/VPN 1.1.5之前版本存在安全漏洞,该漏洞源于AppManagementController.appUpgradeAction函数存在命令注入,可能导致执行任意代码。
Description (English)
Advantech WebAccess/VPN is a high-level network security platform for the company Advantech. There was a security loophole in the pre-Advantech WebAccess/VPN 1.1.5 version, which originated from the existence of command injections in the AppManagementController.appUpgradeaction function, which could lead to the execution of any code.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
研华
Published
2025-11-06
Last Modified
2026-02-24
References
https://icr.advantech.com/download/software https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf https://www.vulncheck.com/advisories/advantech-webaccess-vpn-command-injection-in-appmanagementcontroller
Patch
https://icr.advantech.com/download/software
Share on: