CNNVD-202512-2999 Information

CNNVD ID

CNNVD-202512-2999

Related CVE

CVE-2025-65074

• CNNVD Published: 2025-12-16

Description (Chinese)

WaveStore Server是英国WaveStore公司的一个视频监控录像与存储的服务器软件。 WaveStore Server存在操作系统命令注入漏洞，该漏洞源于showerr脚本中存在路径遍历，可能导致执行任意OS命令。

Description (English)

WaveStore Server is a video surveillance video and storage server software for the British company WaveStore. WaveStore Server had an operating system command to inject a loophole, which stemmed from the existence of routing in the showerr script, which could lead to the execution of arbitrary OS orders.

Hazard Level

Medium

Vulnerability Type

操作系统命令注入

Affected Vendor

WaveStore

Published

2025-12-16

Last Modified

2026-02-24

References

https://cert.pl/en/posts/2025/12/CVE-2025-65074 https://www.wavestore.com/products/video-management-software