CNNVD-202512-2383 Information

CNNVD ID

CNNVD-202512-2383

Related CVE

CVE-2025-67728

• CNNVD Published: 2025-12-12

Description (Chinese)

Fireshare是Shane Israel个人开发者的一个媒体托管软件。 Fireshare 1.2.30及之前版本存在命令注入漏洞，该漏洞源于上传视频文件时文件名直接拼接至shell命令，可能导致远程代码执行。

Description (English)

Fireshare is a media hosting software for Shane Israel’s personal developer. Fireshare 1.2.30 and previous versions contain a command-injecting loophole, which results from the fact that the file name is encoded directly to the shell command at the time of uploading the video file and may result in remote code execution.

Hazard Level

Low

Vulnerability Type

命令注入

Affected Vendor

个人开发者

Published

2025-12-12

Last Modified

2026-02-24

References

https://github.com/ShaneIsrael/fireshare/commit/157386c85f6683f89192dae52115069b435b6d34 https://github.com/ShaneIsrael/fireshare/security/advisories/GHSA-c4f5-g622-q72m

Patch

https://github.com/ShaneIsrael/fireshare/releases