CNNVD-202602-032 Information

CNNVD ID

CNNVD-202602-032

Related CVE

CVE-2026-25069

• CNNVD Published: 2026-02-01

Description (Chinese)

Pironman Dashboard是SunFounder开源的一个控制台接口。 Pironman Dashboard 1.3.13及之前版本存在安全漏洞，该漏洞源于日志文件API端点存在路径遍历，可能导致任意文件读取和删除。

Description (English)

Pironman Dashboard is a console interface for the SunFounder Open Source. Pironman Dashboard 1.3.13 and previous versions have a security loophole, which stems from the existence of a path through the API endpoint of the log file, which may lead to any file being read and deleted.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

SunFounder

Published

2026-02-01

Last Modified

2026-02-24

References

https://github.com/sunfounder/pm_dashboard https://github.com/sunfounder/pm_dashboard/blob/main/pm_dashboard/pm_dashboard.py#L62 https://gist.github.com/chapochapo/5db8702ede862af5c59a28b5d5a0aba3 https://github.com/sunfounder/pm_dashboard/blob/main/pm_dashboard/pm_dashboard.py#L440 https://www.vulncheck.com/advisories/sunfounder-pironman-dashboard-path-traversal-arbitrary-file-read-deletion https://access.redhat.com/security/cve/cve-2026-25069