CVE-2025-46578

Medium CVSS: 6.5

There are SQL injection vulnerabilities in multiple interfaces of the GoldenDB database product. Attackers can exploit these interfaces to inject commands and extract sensitive database information.

Vendor

Zte

Product

Zxcloud Goldendb

CWE

CWE-89

Yayın Tarihi

2025-04-27 02:15:16

Güncelleme

2025-05-12 19:32:35

Source Identifier

psirt@zte.com.cn

KEV Date Added

Kategoriler

CWE-89 Zxcloud Goldendb MEDIUM Zte 2025

Referanslar

https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/4693390139849392210

Benzer Kayıtlar

Medium

CVE-2025-66315

There is a configuration defect vulnerability in the version server of ZTE MF258K Pro products. Due to improper director…

High

CVE-2025-46580

There is a code-related vulnerability in the GoldenDB database product. Attackers can access system tables to disrupt th…

High

CVE-2025-46579

There is a DDE injection vulnerability in the GoldenDB database product. Attackers can inject DDE expressions through th…

Medium

CVE-2025-46575

There is an information disclosure vulnerability in the GoldenDB database product. Attackers can exploit error messages…

Medium

CVE-2025-46576

There is a Permission Management and Access Control vulnerability in the GoldenDB database product. Attackers can manipu…

Medium

CVE-2025-46577

There is a SQL injection vulnerability in the GoldenDB database product. Attackers can inject commands to extract databa…