CNNVD-202512-994 Information
CNNVD ID
CNNVD-202512-994
Related CVE
- CNNVD Published: 2025-12-08
Description (Chinese)
Yottamaster DM2等都是Yottamaster公司的一款私有云硬盘盒。 Yottamaster多款产品存在安全漏洞,该漏洞源于文件上传组件存在路径遍历漏洞。以下产品和版本受到影响:Yottamaster DM2、DM3和DM200 1.2.23版本及之前版本和1.9.12版本及之前版本。
Description (English)
Yottamaster DM2 and others are a private cloud hard drive for Yottamaster. There is a safety gap in many Yottamaster products, which stems from the routing of the document upload component. The following products and versions have been affected: Yottamaster DM2, DM3 and DM200 1.2.23 and earlier and 1.9.12 and earlier.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Yottamaster
Published
2025-12-08
Last Modified
2026-02-24
References
https://vuldb.com/?submit.701673 https://vuldb.com/?ctiid.334666 https://www.notion.so/2b76cf4e528a80f6ae50fe21b13ff0b8 https://www.notion.so/Yottamaster-NAS-Unauth-Operation-2b76cf4e528a80f6ae50fe21b13ff0b8 https://vuldb.com/?id.334666 https://access.redhat.com/security/cve/cve-2025-14224
Share on: