CNNVD-202512-4936 Information

CNNVD ID

CNNVD-202512-4936

Related CVE

CVE-2025-14728

• CNNVD Published: 2025-12-29

Description (Chinese)

Rapid7 Velociraptor是美国Rapid7公司的一个数字取证与事件响应平台。 Rapid7 Velociraptor 0.75.6之前版本存在安全漏洞，该漏洞源于Linux服务器上目录名清理不足，可能导致目录遍历和文件写入错误位置。

Description (English)

Rapid7 Velociraptor is a digital evidence and incident response platform for the United States company Rapid7. There was a security loophole in the pre-Raptor 0.75.6 version of Rapid7 Velociraptor, which resulted from a lack of cleanup of directory names on the Linux server, which could lead to directory history and document writing error.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Rapid7

Published

2025-12-29

Last Modified

2026-02-24

References

https://docs.velociraptor.app/announcements/advisories/cve-2025-14728/ https://access.redhat.com/security/cve/cve-2025-14728

Patch

https://docs.velociraptor.app/downloads/