漏洞描述
Omnissa Workspace ONE UEM 包含辅助上下文路径遍历漏洞。恶意行为者可能能够通过向受限的 API 端点发送精心设计的 GET请求(只读)来访问敏感信息。
Omnissa Workspace ONE UEM CVE-2025-25231 路径遍历
PoC代码
暂无相关漏洞推荐
- Omnissa Workspace ONE UEM /DevicesGateway/apps/system-app-metadata 目录遍历漏洞(CVE-2025-25231)
- POC CVE-2021-22054: VMWare Workspace ONE UEM - Server-Side Request Forgery
- POC CVE-2022-22954: VMware Workspace ONE Access - Server-Side Template Injection
- POC CVE-2022-22972: VMware Workspace ONE Access/Identity Manager/vRealize Automation - Authentication Bypass
- POC CVE-2025-25231: Omnissa Workspace ONE UEM - Path Traversal
- POC CVE-2022-22954: VMware Workspace ONE Access SSTI
- POC CVE-2022-22956: VMware Workspace ONE Access - Authentication Bypass
- (CVE-2025-4879) Citrix Workspace App for Windows本地权限提升漏洞
- Citrix Citrix Workspace App For Windows 权限管理不当
- Citrix Workspace App 权限管理不当漏洞
- H3C Workspace 云桌面 远程命令执行漏洞
- VMware Workspace ONE Access 身份认证绕过漏洞(CVE-2022-22972)
- VMware Workspace ONE Access CVE-2022-22957 代码执行漏洞