CNNVD-202512-2685 Information
CNNVD ID
CNNVD-202512-2685
Related CVE
- CNNVD Published: 2025-12-15
Description (Chinese)
NetSupport Manager是NetSupport Manager公司的一款远程控制软件。 NetSupport Manager 14.12.0001之前版本存在安全漏洞,该漏洞源于Connectivity Server/Gateway PUTFILE请求处理程序存在任意文件写入,可能导致远程代码执行。
Description (English)
NetSupport Manager is a remote control software for NetSupport Manager. NetSupport Manager 14.12.0001 had a security loophole, which stemmed from the arbitrary document writing of a request for processing by Conectivity Server/Gateway PUTFILE, which could lead to remote code execution.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
NetSupport Manager
Published
2025-12-15
Last Modified
2026-02-24
References
https://kb.netsupportsoftware.com/knowledge-base/updating-and-securing-netsupport-manager/ https://www.vulncheck.com/advisories/netsupport-manager-authenticated-path-traversal-arbitrary-write-rce https://ret2.me/post/2025-12-04-exploiting-netsupport-gateway/ https://access.redhat.com/security/cve/cve-2025-34181
Patch
https://kb.netsupportsoftware.com/knowledge-base/updating-and-securing-netsupport-manager/
Share on: