CNNVD-202601-3967 Information
CNNVD ID
CNNVD-202601-3967
Related CVE
- CNNVD Published: 2026-01-23
Description (Chinese)
LiteSpeed Web Server Enterprise是美国LiteSpeed公司的一个服务器软件。 LiteSpeed Web Server Enterprise 5.4.11版本存在安全漏洞,该漏洞源于外部应用配置接口存在命令注入,可能导致远程代码执行。
Description (English)
LiteSpeed Web Server Enterprise is a server software for LiteSpeed in the United States. There is a security gap in version 5.4.11 of LiteSpeed Web Server Enterprise, which stems from the command injection of the external application configuration interface, which may lead to remote code implementation.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
LiteSpeed
Published
2026-01-23
Last Modified
2026-02-24
References
https://www.exploit-db.com/exploits/49523 https://www.litespeedtech.com/ https://www.litespeedtech.com/products https://www.vulncheck.com/advisories/litespeed-web-server-enterprise-command-injection
Patch
https://www.litespeedtech.com/products/litespeed-web-server/download
Share on: