CNNVD-202512-3788 Information

CNNVD ID

CNNVD-202512-3788

Related CVE

CVE-2023-53948

• CNNVD Published: 2025-12-19

Description (Chinese)

Lilac-Reloaded是eskyuu个人开发者的一个图形化配置管理工具。 Lilac-Reloaded 2.0.8版本存在操作系统命令注入漏洞，该漏洞源于autodiscovery功能缺少输入过滤，可能导致远程代码执行。

Description (English)

Lilac-Reloaded is a graphical configuration management tool for eskyuu personal developers. There is a loophole in the operating system command version of Lilac-Reloaded 2.0.8, which stems from the lack of input filters for the autodiscovery function, which may lead to remote code execution.

Hazard Level

Low

Vulnerability Type

操作系统命令注入

Affected Vendor

个人开发者

Published

2025-12-19

Last Modified

2026-02-24

References

https://exchange.nagios.org/directory/addons/configuration/lilac-2dreloaded/details/ https://www.vulncheck.com/advisories/lilac-reloaded-for-nagios-remote-code-execution-via-autodiscovery https://www.exploit-db.com/exploits/51374 https://access.redhat.com/security/cve/cve-2023-53948