CNNVD-202512-3781 Information
CNNVD ID
CNNVD-202512-3781
Related CVE
- CNNVD Published: 2025-12-19
Description (Chinese)
ActFax是奥地利Activefax的一款传真服务器软件。ActiveFax可以使你的电脑变成一个虚拟的传真机,实现在Windows和UNIX的应用软件中随意传送传真与Email,适合各种规模的网络及单机使用。 ActFax 10.10版本存在代码问题漏洞,该漏洞源于ActiveFaxServiceNT服务存在未加引号的服务路径,可能导致权限提升。
Description (English)
ActFax is an Austrian fax server software. ActiveFax can turn your computer into a virtual fax machine that allows for the free transmission of faxes and e-mails in Windows and UNIX applications, suitable for all size networks and single machines. There is a code gap in version 10.10 of ActFax, which stems from the existence of unquoted service paths for ActiveFaxServiceNT services, which may lead to increased privileges.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
Activefax
Published
2025-12-19
Last Modified
2026-02-24
References
https://www.vulncheck.com/advisories/actfax-unquoted-path-services-privilege-escalation-vulnerability https://www.actfax.com https://www.exploit-db.com/exploits/51332 https://access.redhat.com/security/cve/cve-2023-53954
Patch
https://www.actfax.com/en/download.html
Share on: