CNNVD-202512-658 Information

CNNVD ID

CNNVD-202512-658

Related CVE

CVE-2020-36881

• CNNVD Published: 2025-12-05

Description (Chinese)

Flexsense DiskBoss是美国Flexsense公司的一个磁盘管理工具。 Flexsense DiskBoss 7.7.14版本存在缓冲区错误漏洞，该漏洞源于Input Directory组件存在本地缓冲区溢出，可能导致未经验证的攻击者执行任意代码。

Description (English)

Flexsense DiskBoss is a disk management tool for the United States company Flexsense. Version 7.7.14 of Flexsense DiskBoss has a buffer zone error loophole, which stems from the presence of the Input Directory component in the local buffer zone, which could lead to unauthorized assailants implementing random codes.

Hazard Level

Medium

Vulnerability Type

缓冲区错误

Affected Vendor

Flexsense

Published

2025-12-05

Last Modified

2026-02-24

References

https://github.com/x00x00x00x00/diskboss_7.7.14/raw/master/ https://github.com/x00x00x00x00/diskboss_7.7.14/raw/master/diskboss_setup_v7.7.14.exe https://www.diskboss.com/ https://www.exploit-db.com/exploits/48279 https://www.vulncheck.com/advisories/flexsense-diskboss-add-input-directory-buffer-overflow

Patch

https://www.diskboss.com/downloads.html