CNNVD-202511-877 Information

CNNVD ID

CNNVD-202511-877

Related CVE

CVE-2025-12916

• CNNVD Published: 2025-11-09

Description (Chinese)

Sangfor Operation and Maintenance Security是中国深信服（Sangfor）公司的一个运维安全管理系统。 Sangfor Operation and Maintenance Security 3.0版本存在命令注入漏洞，该漏洞源于对文件/fort/portal_login中参数loginUrl的错误操作，可能导致命令注入攻击。

Description (English)

The Sangfor Operation and Community Security is a transport security management system that China is convinced of. Version 3.0 of Sangfor Operation and Health Security contains a command-injection loophole, which results from a mishandling of the parameter loginUrl in the document/fort/portal login, which may lead to an order-injection attack.

Hazard Level

High

Vulnerability Type

命令注入

Affected Vendor

深信服

Published

2025-11-09

Last Modified

2026-02-24

References

https://vuldb.com/?id.331634 https://vuldb.com/?submit.678377 https://h4cker.zip/post/fe0ada/ https://vuldb.com/?ctiid.331634 https://access.redhat.com/security/cve/cve-2025-12916