CNNVD-202512-660 Information
Dec 05, 2025
cve
CNNVD ID
CNNVD-202512-660
Related CVE
- CNNVD Published: 2025-12-05
Description (Chinese)
Flexsense DiskBoss是美国Flexsense公司的一个磁盘管理工具。 Flexsense DiskBoss 11.7.28版本存在代码问题漏洞,该漏洞源于未加引号的服务路径,可能导致攻击者提升权限并执行任意系统命令。
Description (English)
Flexsense DiskBoss is a disk management tool for the United States company Flexsense. There is a code gap in version 11.7.28 of Flexsense DiskBoss, which stems from service paths without quotation marks, which may lead to an attacker increasing his authority and carrying out arbitrary system orders.
Hazard Level
Medium
Vulnerability Type
代码问题
Affected Vendor
Flexsense
Published
2025-12-05
Last Modified
2026-02-24
References
https://www.diskboss.com/ https://www.diskboss.com/downloads.html https://www.exploit-db.com/exploits/49022 https://www.vulncheck.com/advisories/flexsense-diskboss-service-unquoted-service-path-vulnerability
Patch
https://www.diskboss.com/downloads.html
Share on: