CNNVD-202512-818 Information
CNNVD ID
CNNVD-202512-818
Related CVE
- CNNVD Published: 2025-12-07
Description (Chinese)
Verysync是中国微力同步(Verysync)公司的一个私人文件同步和备份软件。 Verysync 2.21.3及之前版本存在访问控制错误漏洞,该漏洞源于组件Web Administration Module中文件/rest/f/api/resources/f96956469e7be39d的错误操作,可能导致信息泄露。
Description (English)
Verysync is a private file synchronization and backup software for Verysync. Verysync 2.21.3 and previous versions have access control bugs, which stem from the error of document/rest/f/api/resources/f96956469e7be39d of the component Web Administration Module, which may lead to the disclosure of information.
Hazard Level
High
Vulnerability Type
访问控制错误
Affected Vendor
微力同步
Published
2025-12-07
Last Modified
2026-02-24
References
https://vuldb.com/?id.334617 https://github.com/jjjjj-zr/jjjjjzr/issues/6 https://vuldb.com/?submit.699537 https://github.com/jjjjj-zr/jjjjjzr/issues/8 https://vuldb.com/?ctiid.334617 https://vuldb.com/?submit.699498 https://access.redhat.com/security/cve/cve-2025-14197
Share on: