CNNVD-202601-3965 Information

CNNVD ID

CNNVD-202601-3965

Related CVE

CVE-2026-24138

• CNNVD Published: 2026-01-23

Description (Chinese)

FOG是FOG Project开源的一个开源计算机克隆与管理系统。 FOG 1.5.10.1754及之前版本存在代码问题漏洞，该漏洞源于getversion.php中存在未经验证的服务端请求伪造，可能导致获取内部网站和文件。

Description (English)

FOG is an open-source computer cloning and management system for FOG Projects. FOG 1.5.10.1754 and previous versions had a code problem gap, which stemmed from uncertified service-end requests for forgery in Getversion.php, which could lead to access to internal websites and documents.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

FOG Project

Published

2026-01-23

Last Modified

2026-02-24

References

https://github.com/FOGProject/fogproject/security/advisories/GHSA-79xw-c2qx-g7xj https://access.redhat.com/security/cve/cve-2026-24138

Patch

https://fogproject.org/download.php