← voltar
CVE-2025-11546

CVE-2025-11546

CVSS 9.3 CRITICALEPSS 0.4%CWE-78
CLUSTERPRO X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 and EXPRESSCLUSTER X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, CLUSTERPRO X SingleServerSafe for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, EXPRESSCLUSTER X SingleServerSafe for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 allows an attacker sends specially crafted network packets to the product, arbitrary OS commands may be executed without authentication.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
NEC Corporation · CLUSTERPRO X for Linux (EXPRESSCLUSTER X for Linux)NEC Corporation · CLUSTERPRO X SingleServerSafe for Linux (EXPRESSCLUSTER X SingleServerSafe for Linux)

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://jpn.nec.com/security-info/secinfo/nv25-006_en.html