ГлавнаяУязвимости → CVE-2025-46579
8.4высокая

CVE-2025-46579

Описание

There is a DDE injection vulnerability in the GoldenDB database product. Attackers can inject DDE expressions through the interface, and when users download and open the affected file, the DDE commands can be executed.

Затрагиваемое ПО
Zte Zxcloud goldendb
CVSS
Балл8.4 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
Источники
https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/1036467615091601474