CNNVD-202512-165 Information
Dec 02, 2025
cve
CNNVD ID
CNNVD-202512-165
Related CVE
- CNNVD Published: 2025-12-02
Description (Chinese)
Industrial Video & Control Longwatch是美国Industrial Video & Control公司的一个工业级视频监控和管理平台。 Industrial Video & Control Longwatch存在代码注入漏洞,该漏洞源于未经验证的HTTP GET请求可通过暴露的端点执行任意代码,可能导致获取SYSTEM级别权限。
Description (English)
Industrial Video & Control Longwatch is an industrial video monitoring and management platform of the American Industrial Video & Control Corporation. Industrial Video & Control Longwatch has a code leak, which stems from an uncertified HTTP GET request to enforce any code through exposed endpoints, which may lead to access to SYSTEM level privileges.
Hazard Level
Low
Vulnerability Type
代码注入
Affected Vendor
Industrial Video & Control
Published
2025-12-02
Last Modified
2026-02-24
References
https://www.cisa.gov/news-events/ics-advisories/icsa-25-336-01 https://access.redhat.com/security/cve/cve-2025-13658