CNNVD-202512-5044 Information

CNNVD ID

CNNVD-202512-5044

Related CVE

CVE-2024-58315

• CNNVD Published: 2025-12-30

Description (Chinese)

Tosibox Key Service是芬兰Tosi公司的一个远程访问解决方案。 Tosibox Key Service 3.3.0版本存在代码问题漏洞，该漏洞源于服务路径未加引号，可能导致权限提升。

Description (English)

Tosibox Key Service is a remote access solution for Tosi, Finland. There is a code gap in version 3.3.0 of Tosibox Key Service, which stems from the absence of quotation marks on service paths, which may lead to increased privileges.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

Tosi

Published

2025-12-30

Last Modified

2026-02-24

References

https://packetstormsecurity.com/files/177260/ https://www.tosi.net/ https://www.vulncheck.com/advisories/tosibox-key-service-local-privilege-escalation-via-unquoted-service-path https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5812.php