CNNVD-202601-1934 Information

CNNVD ID

CNNVD-202601-1934

Related CVE

CVE-2022-50911

• CNNVD Published: 2026-01-13

Description (Chinese)

Bitrix24是美国Bitrix公司的一套企业社交平台。该平台包括在线通讯、日历管理和CRM（客户关系管理）等功能。 Bitrix24存在安全漏洞，该漏洞源于经过身份验证的远程代码执行，可能导致登录的攻击者通过PHP命令行管理界面执行任意系统命令。

Description (English)

Bitrix24 is a corporate social platform for Bitrix in the United States. The platform includes functions such as online newsletters, calendar management and CRM (customer relationship management). There is a security loophole in Bitrix24, which stems from the implementation of a remote code with authentication, which may result in the logged-in assailants executing arbitrary system orders through the PHP command line management interface.

Hazard Level

Medium

Vulnerability Type

其他

Published

2026-01-13

Last Modified

2026-02-24

References

https://www.bitrix24.com/apps/desktop.php https://www.exploit-db.com/exploits/50898 https://www.vulncheck.com/advisories/bitrix-remote-code-execution-rce-authenticated