CNNVD-202601-690 Information

CNNVD ID

CNNVD-202601-690

Related CVE

CVE-2025-34171

• CNNVD Published: 2026-01-02

Description (Chinese)

CasaOS是一个简单、易用、优雅的开源家庭云系统。 CasaOS 0.4.15及之前版本存在安全漏洞，该漏洞源于多个未经验证的端点暴露，可能导致敏感配置文件和系统调试信息泄露。

Description (English)

CasaOS is a simple, user-friendly and elegant open-source family cloud system. CasaOS 0.4.15 and previous versions have a security loophole that originates from multiple unverified endpoint exposures that may lead to leaks of sensitive configuration documents and debugging system information.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-01-02

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/casaos-unauthenticated-file-and-debug-data-exposure https://github.com/IceWhaleTech/CasaOS https://casaos.zimaspace.com/ https://access.redhat.com/security/cve/cve-2025-34171

Patch

https://github.com/IceWhaleTech/CasaOS/releases