CNNVD-202512-4848 Information

CNNVD ID

CNNVD-202512-4848

Related CVE

CVE-2025-15106

• CNNVD Published: 2025-12-27

Description (Chinese)

Maxun是Maxun开源的一个爬虫工具。 Maxun 0.0.28及之前版本存在授权问题漏洞，该漏洞源于对文件server/src/routes/auth.ts中函数router.get的错误操作，可能导致授权不当。

Description (English)

Maxun is a reptile tool in Maxun’s open source. Maxun 0.0.28 and previous versions had a mandate gap, which stemmed from a mishandling of the router.get function in documentserver/src/routes/auth.ts, which could lead to inappropriate authorization.

Hazard Level

High

Vulnerability Type

授权问题

Affected Vendor

Maxun

Published

2025-12-27

Last Modified

2026-02-24

References

https://vuldb.com/?id.338477 https://vuldb.com/?ctiid.338477 https://gist.github.com/H2u8s/1a0bdb19d5c8c8f4dc72cb49ffe9a22b https://vuldb.com/?submit.710268 https://access.redhat.com/security/cve/cve-2025-15106

Patch

https://github.com/getmaxun/maxun/releases