CNNVD-202512-3383 Information

CNNVD ID

CNNVD-202512-3383

Related CVE

CVE-2023-53937

• CNNVD Published: 2025-12-18

Description (Chinese)

Netsoft Holdings Hubstaff是美国Netsoft Holdings公司的一个项目管理平台。 Netsoft Holdings Hubstaff 1.6.14版本存在代码问题漏洞，该漏洞源于DLL搜索顺序劫持，可能导致获取反向shell。

Description (English)

Netsoft Holdings Hubstaff is a project management platform for Netsoft Holdings in the United States. Version 1.6.14 of Netsoft Holdings Hubstaff has a code breach that originates from a DLL search sequence hijacking, which may lead to a reverse shell.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

Netsoft Holdings

Published

2025-12-18

Last Modified

2026-02-24

References

https://hubstaff.com/ https://www.exploit-db.com/exploits/51461 https://www.vulncheck.com/advisories/hubstaff-dll-search-order-hijacking-via-wowlog-library