CNNVD-202512-4273 Information

CNNVD ID

CNNVD-202512-4273

Related CVE

CVE-2019-25233

• CNNVD Published: 2025-12-24

Description (Chinese)

AVE DOMINAplus是意大利AVE公司的一个应用系统。用于下一代房屋的最佳家庭自动化系统。 AVE DOMINAplus 1.10.x版本存在安全漏洞，该漏洞源于容易受到跨站请求伪造和跨站脚本攻击，可能导致执行管理操作和任意脚本。

Description (English)

AVE DOMINAplus is an application system of AVE Italy. The best family automation system for the next generation of houses. The AVE DOMINAplus 1.10.x version has a security loophole that stems from its vulnerability to cross-site requests for forgery and cross-site script attacks, which may lead to management operations and random scripts.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

AVE

Published

2025-12-24

Last Modified

2026-02-24

References

https://www.ave.it https://www.domoticaplus.it https://www.exploit-db.com/exploits/47821 https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5547.php