SysAid On-Prem 漏洞列表

共找到 4 个与 SysAid On-Prem 相关的漏洞

📅 加载漏洞趋势中...

SysAid On-Prem 存在XML注入漏洞 (CVE-2025-2775) 无POC

日期: 2025-08-22 | 影响软件: SysAid On-Prem

SysAid On-Prem版本<= 23.3.40在Checkin处理功能中存在未经身份验证的XML外部实体（XXE）漏洞，该漏洞允许攻击者读取文件。
CVE-2025-2775: SysAid On-Prem <= 23.3.40 - XML External Entity POC

日期: 2025-08-01 | 影响软件: SysAid On-Prem

SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the Checkin processing functionality, allowing for administrator account takeover and file read primitives.
CVE-2025-2776: SysAid On-Prem <= 23.3.40 - XML External Entity POC

日期: 2025-08-01 | 影响软件: SysAid On-Prem

SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the Server URL processing functionality, allowing for administrator account takeover and file read primitives.
CVE-2025-2777: SysAid On-Prem <= 23.3.40 - XML External Entity POC

日期: 2025-08-01 | 影响软件: SysAid On-Prem

SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the lshw processing functionality, allowing for administrator account takeover and file read primitives.