जमा करें #768949: AutohomeCorp frostmourne <=1.0 remote code executionजानकारी

शीर्षकAutohomeCorp frostmourne <=1.0 remote code execution
विवरणA critical remote code execution vulnerability exists in Frostmourne's alarm expression evaluation system. Authenticated administrative users can inject arbitrary JavaScript code via the alarm configuration interface, which is then executed by the Nashorn script engine without validation, leading to complete server compromise.
स्रोत⚠️ https://github.com/AnalogyC0de/public_exp/issues/17
उपयोगकर्ता
 Ana10gy (UID 93358)
सबमिशन27/02/2026 08:13 AM (5 महीनों पहले)
संयम11/03/2026 02:39 PM (12 days later)
स्थितिस्वीकृत
VulDB प्रविष्टि350397 [AutohomeCorp frostmourne तक 1.0 Oracle Nashorn JavaScript Engine ExpressionRule.java scriptEngine.eval EXPRESSION अधिकार वृद्धि]
अंक18

Interested in the pricing of exploits?

See the underground prices here!