Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Improper input validation in the gateway health check feature in Devolutions Server allows a low-privileged authenticated user to perform server-side request forgery (SSRF), potentially leading to information disclosure, via a crafted API request. This issue affects Server: from 2026.1.1 through 2026.1.11, from 2025.3.1 through 2025.3.17.
CVSS Information
N/A
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
Devolutions Server 安全漏洞
Vulnerability Description
Devolutions Server是加拿大Devolutions公司的一个应用系统。提供功能齐全的共享帐户和密码管理解决方案。 Devolutions Server 2026.1.1至2026.1.11版本和2025.3.1至2025.3.17版本存在安全漏洞,该漏洞源于网关健康检查功能输入验证不当,可能导致低权限经过身份验证的用户通过特制API请求执行服务端请求伪造,从而造成信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A