← voltar
CVE-2025-46579

ZTE GoldenDB Database product has a DDE injection vulnerability

CVSS 8.4 HIGHEPSS 0.3%CWE-94
There is a DDE injection vulnerability in the GoldenDB database product. Attackers can inject DDE expressions through the interface, and when users download and open the affected file, the DDE commands can be executed.
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
Produtos afetados
ZTE · GoldenDB

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/1036467615091601474