CNNVD-202512-3238 Information
CNNVD ID
CNNVD-202512-3238
Related CVE
- CNNVD Published: 2025-12-17
Description (Chinese)
AVideo是World Wide Broadcast Network开源的一个广播网络创建工具。 AVideo 20.0之前版本存在安全漏洞,该漏洞源于访问控制不当,可能导致经过身份验证的用户删除其他用户的媒体文件。
Description (English)
AVideo is an open-source radio network creation tool for the World Wide Broadcast Network. Prior to AVideo 20.0, there was a security loophole, which stemmed from inadequate access controls, which could lead to authentication users removing media files from other users.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
World Wide Broadcast Network
Published
2025-12-17
Last Modified
2026-02-24
References
https://chocapikk.com/posts/2025/avideo-security-vulnerabilities/ https://github.com/WWBN/AVideo/commit/275a54268b https://www.vulncheck.com/advisories/avideo-idor-arbitrary-file-deletion https://github.com/WWBN/AVideo/commit/4a53ab2056 https://access.redhat.com/security/cve/cve-2025-34435
Patch
https://github.com/WWBN/AVideo
Share on: