ГлавнаяУязвимости → CVE-2025-47286
7.2высокая

CVE-2025-47286

Описание

Combodo iTop is a web based IT service management tool. In versions prior to 2.7.13 and 3.2.2, an administrator can, by editing the configuration of the iTop instance, execute code on the server. Versions 2.7.13 and 3.2.2 escape and check the config parameter before executing a command based on it.

Затрагиваемое ПО
Combodo Itop
CVSS
Балл7.2 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/Combodo/iTop/security/advisories/GHSA-4w93-rw6g-5m9c