CNNVD-202512-138 Information
Dec 01, 2025
cve
CNNVD ID
CNNVD-202512-138
Related CVE
- CNNVD Published: 2025-12-01
Description (Chinese)
orion-ops是李佳航个人开发者的一个一站式自动化运维及自动化部署平台。 orion-ops存在安全漏洞,该漏洞源于文件MachineKeyController.java的错误操作,可能导致授权不当。
Description (English)
Orion-ops is a one-stop automated transport and automated deployment platform for Li Jia-avian personal developers. There is a security loophole in orion-ops, which stems from the error of document Machine KeyController.java, which may lead to improper delegation of authority.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-12-01
Last Modified
2026-02-24
References
https://github.com/Xzzz111/exps/blob/main/archives/orion-ops-information-disclosure-1/report.md https://github.com/Xzzz111/exps/blob/main/archives/orion-ops-information-disclosure-1/report.md#proof-of-concept https://vuldb.com/?ctiid.333817 https://vuldb.com/?id.333817 https://vuldb.com/?submit.692066
Share on: