CNNVD-202601-872 Information

CNNVD ID

CNNVD-202601-872

Related CVE

CVE-2025-65328

• CNNVD Published: 2026-01-05

Description (Chinese)

Devy Mega-Fence是韩国Devy公司的一个用于流量控制和在线排队的中间件。 Devy Mega-Fence 25.1.914及之前版本存在安全漏洞，该漏洞源于信任X-Forwarded-For标头值，可能导致客户端IP欺骗。

Description (English)

Devy Mega-Fence is an intermediary for traffic control and online queues of Devy Korea. Devy Mega-Fence 25.1.914 and earlier versions had a security loophole, which stemmed from trust in X-Forwarded-For header values and could lead to client IP fraud.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Devy

Published

2026-01-05

Last Modified

2026-02-24

References

https://drive.proton.me/urls/MY05PVBFXG#xDd2Xqy98WM9 https://raw.githubusercontent.com/p1aintext/CVE/main/CVE-2025-65328.md https://access.redhat.com/security/cve/cve-2025-65328