网安资讯详情 - SecLens 情报雷达

网安资讯,一网打尽。汇集权威漏洞通告与行业要闻,结合分组浏览、智能过滤、RSS订阅 和 Webhook 推送,多通道拓展您的安全情报视野。

ANSI Escape Sequence Injection Vulnerabilitiy in Some Huawei Products

来源: huawei_security · 发布时间 2026-06-03 08:00 (UTC+08:00) · 抓取时间 2026-06-03 21:40 (UTC+08:00)

摘要

Some Huawei products that use Apache Tomcat have an ANSI escape sequence injection vulnerability in the Windows console environment. Attackers can exploit this vulnerability to manipulate the console display and induce administrators to execute malicious commands. (Vulnerability ID:HWPSIRT-2025-45144) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID:CVE-2025-55754

标签

扩展字段

{
  "hw_psirt_ids": [
    "HWPSIRT-2025-45144"
  ],
  "language": "en",
  "sasn_no": "huawei-sa-AESIViSHP-40005749",
  "sasn_version": "2.5",
  "severity": "Critical",
  "vulnerabilities": [
    {
      "cveId": "CVE-2025-55754",
      "hwPsirtId": "HWPSIRT-2025-45144"
    }
  ]
}