A vulnerability has been identified in SINEC NMS (All versions < V40) The affected application

链接： https://github.com/advisories/GHSA-5w39-m9v9-2j2j

CVSS 评分： 9.8

参考链接：

https://nvd.nist.gov/vuln/detail/CVE-2025-40736
https://cert-portal.siemens.com/productcert/html/ssa-078892.html
https://github.com/advisories/GHSA-5w39-m9v9-2j2j

描述：

A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application exposes an endpoint that allows an unauthorized modification of administrative credentials. This could allow an unauthenticated attacker to reset the superadmin password and gain full control of the application (ZDI-CAN-26569).

安全公告

#Github Advisory

A vulnerability has been identified in SINEC NMS (All versions < V40) The affected application

http://example.com/2025/07/08/github_4283193204/

作者

lianccc

发布于

2025年7月8日

许可协议

_r_netsec Twitter Update ! 上一篇

Sophos XG Firewall SQL注入漏洞下一篇