go to Content
:::

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

:::
Date:
Font-stze:

NetVision Information airPASS - OS Command Injection

TVN ID TVN-202501003
CVE ID CVE-2025-0457
CVSS 8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products airPASS v2.9.0.x, v3.0.0.x
Description The airPASS from NetVision Information has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands.
Solution For v2.9.0.x, please update to version 2.9.0.241231 or later.
For v3.0.0.x, please update to version 3.0.0.241231 or later.
Credit Security member
Public Date 2025-01-15
Top