CNNVD-202512-633 Information
Dec 05, 2025
cve
CNNVD ID
CNNVD-202512-633
Related CVE
- CNNVD Published: 2025-12-05
Description (Chinese)
ZSPACE Q2C是中国极空间(ZSPACE)公司的一个私有云存储设备。 ZSPACE Q2C 1.1.0210050及之前版本存在命令注入漏洞,该漏洞源于对文件/v2/file/safe/open中参数safe_dir的错误操作,可能导致命令注入攻击。
Description (English)
ZSPACE Q2C is a privately owned cloud storage facility of ZSPACE. ZSPACE Q2C 1.1.0210050 and earlier versions had a command-injecting loophole, which stemmed from an error in the parameter safe dir in document/v2/file/safe/open, which could lead to an order-injection attack.
Hazard Level
Medium
Vulnerability Type
命令注入
Affected Vendor
极空间
Published
2025-12-05
Last Modified
2026-02-24
References
https://vuldb.com/?id.334490 https://vuldb.com/?ctiid.334490 https://vuldb.com/?submit.697144 https://www.notion.so/2af6cf4e528a80258f60fa529c48d291 https://access.redhat.com/security/cve/cve-2025-14108
Share on: