CNNVD-202512-4970 Information
Dec 29, 2025
cve
CNNVD ID
CNNVD-202512-4970
Related CVE
- CNNVD Published: 2025-12-29
Description (Chinese)
pangolin是Pangolin开源的一个代理软件。 pangolin 1.6.2及之前版本存在安全漏洞,该漏洞源于2FA组件存在问题,可能导致权限提升。
Description (English)
Pangolin is an agent for Pangolin open source. There is a security gap in pangolin 1.6.2 and previous versions, which stems from a problem with the 2FA component, which may lead to an increase in privileges.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Pangolin
Published
2025-12-29
Last Modified
2026-02-24
References
https://gist.github.com/mrdgef/ef6fa41d69c0457874414c163d7d7d75 https://github.com/fosrl/pangolin
Patch
https://pangolin.net/downloads
Share on: