CNNVD-202512-2056 Information

CNNVD ID

CNNVD-202512-2056

Related CVE

CVE-2024-58298

• CNNVD Published: 2025-12-11

Description (Chinese)

Compuware iStrobe Web是美国Compuware公司的一个大型机性能分析和优化工具。 Compuware iStrobe Web 20.13版本存在代码问题漏洞，该漏洞源于文件上传表单中存在路径遍历，可能导致上传JSP webshell并执行任意命令。

Description (English)

Compuware iStrobe Web is a large machine performance analysis and optimization tool for Compuware in the United States. The Compuware iStrobe Web 20.13 version has a code breach, which stems from the existence of a path through the file upload form, which could lead to the uploading of JSP webshell and the execution of arbitrary orders.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

Compuware

Published

2025-12-11

Last Modified

2026-02-24

References

https://www.bmc.com/ https://www.bmc.com/support https://www.exploit-db.com/exploits/51991 https://www.vulncheck.com/advisories/compuware-istrobe-web-pre-auth-remote-code-execution-via-file-upload