CNNVD-202512-2687 Information
CNNVD ID
CNNVD-202512-2687
Related CVE
- CNNVD Published: 2025-12-15
Description (Chinese)
NetSupport Manager是NetSupport Manager公司的一款远程控制软件。 NetSupport Manager 14.12.0001之前版本存在安全漏洞,该漏洞源于Connectivity Server/Gateway HTTPS请求处理中存在未经验证的SQL注入,可能导致任意本地文件泄露。
Description (English)
NetSupport Manager is a remote control software for NetSupport Manager. NetSupport Manager 14.12.0001 had a security loophole, which originated from unverified SQL injections in the processing of requests for Partnership Server/Gateway HTTPS, which could lead to the disclosure of any local document.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
NetSupport Manager
Published
2025-12-15
Last Modified
2026-02-24
References
https://www.vulncheck.com/advisories/netsupport-manager-unauthenticated-sqli-local-file-disclosure https://kb.netsupportsoftware.com/knowledge-base/updating-and-securing-netsupport-manager/ https://ret2.me/post/2025-12-04-exploiting-netsupport-gateway/ https://access.redhat.com/security/cve/cve-2025-34179
Patch
https://kb.netsupportsoftware.com/knowledge-base/updating-and-securing-netsupport-manager/
Share on: