CNNVD-202512-139 Information
Dec 01, 2025
cve
CNNVD ID
CNNVD-202512-139
Related CVE
- CNNVD Published: 2025-12-01
Description (Chinese)
NutzBoot是Nutz开源的一个企业级微服务框架。 NutzBoot 2.6.0-SNAPSHOT及之前版本存在访问控制错误漏洞,该漏洞源于文件EthModule.java的错误操作,可能导致信息泄露。
Description (English)
NutzBoot is an enterprise-level micro-service framework from Nutz open source. NutzBoot 2.6.0-SNAPSHOT and previous versions had access control bugs, which stemmed from the error of document EthModule.java and could lead to the disclosure of information.
Hazard Level
High
Vulnerability Type
访问控制错误
Affected Vendor
Nutz
Published
2025-12-01
Last Modified
2026-02-24
References
https://vuldb.com/?id.333814 https://github.com/Xzzz111/exps/blob/main/archives/nutzboot-InfoLeak-1/report.md https://vuldb.com/?submit.692050 https://github.com/Xzzz111/exps/blob/main/archives/nutzboot-InfoLeak-1/report.md#vulnerability-details-and-poc https://vuldb.com/?ctiid.333814
Share on: