CNNVD-202601-4404 Information

CNNVD ID

CNNVD-202601-4404

Related CVE

CVE-2025-41083

• CNNVD Published: 2026-01-26

Description (Chinese)

Altitude Communication Server是美国Altitude公司的一个IP联络中心软件。 Altitude Communication Server v8.5.3290.0版本存在注入漏洞，该漏洞源于对HTTP请求中Host标头的操作，可能导致重定向到任意URL或修改基础URL以诱骗受害者向恶意网站发送登录凭据。

Description (English)

Altitude Commission Server is an IP focal point software for Altitude in the United States. Altitude Commission Server v. 8.5.329.0 has an injection loophole, which stems from the operation of the host header in the HTTP request and may lead to a redirection to any URL or modification of the base URL to induce the victim to send a sign-in to a malicious website.

Hazard Level

High

Vulnerability Type

注入

Affected Vendor

Altitude

Published

2026-01-26

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-altitude-communication-server https://access.redhat.com/security/cve/cve-2025-41083