SecLens 情报中心

{
  "click_number": 0,
  "content_html": "<p style=\"text-indent: 2em;\"><br></p><p style=\"text-indent: 2em; line-height: 2;\"><span style=\"font-size: 19px; font-family: 仿宋;\">4月3日，工业和信息化部网络安全威胁和漏洞信息共享平台（NVDB）发布防范针对iOS特定版本的漏洞攻击风险提示。近日，北京安天网络安全技术有限公司开发了网页检测工具，可通过访问网站链接、扫描二维码等方式，在线快速检测iPhone手机是否会受该漏洞影响。工具使用方法参考如下：</span></p><p style=\"text-indent: 2em; line-height: 2;\"><span style=\"font-size: 19px; font-family: 仿宋;\">方法1. 打开以下网站链接：https://avlclaw.antiy.cn/tools/check.html</span></p><p style=\"text-indent: 2em; line-height: 2;\"><span style=\"font-size: 19px; font-family: 仿宋;\">方法2. 扫描以下二维码</span></p><p style=\"text-indent: 2em;\"><img style=\"max-width: 70%;margin: 0 auto;\" src=\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAZAAAAGQCAYAAACAvzbMAAAQAElEQVR4Aezc4XrjxrEEUNV9/3f2NbxRNlpLYkEccDDAyWdau2JzuvuMnPoF/d9f/keAAAECBH4g8H9v/keAAAECBH4gIEB+gOYjBIYIOITA4gICZPELND4BAgRmCQiQWfL6EiBAYHGBhQNkcXnjEyBAYHEBAbL4BRqfAAECswQEyCx5fQksLGB0ApuAANkUvAgQIEBgt4AA2U3mAwQIECCwCQiQTeHVL/0IECBwAQEBcoFLtAIBAgRmCAiQGep6EiAwS0DfgQICZCCmowgQIHAnAQFyp9u2KwECBAYKCJCBmHc4yo4ECBB4FxAg7xK+EiBAgMAuAQGyi0sxAQIEZgmcr68AOd+dmIgAAQJLCAiQJa7JkAQIEDifgAA5352Y6BgBpxIgMFhAgAwGdRwBAgTuIiBA7nLT9iRAgMBggTpABvd1HAECBAgsLiBAFr9A4xMgQGCWgACZJa8vgVpAIYFzCgiQc96LqQgQIHB6AQFy+isyIAECBM4pcIcAOae8qQgQILC4gABZ/AKNT4AAgVkCAmSWvL4E7iBgx0sLTA2QJG+JV/K5wRE/ecnnvZKP3z+i9+gzk48zJ5//ve2bfP755N/fP+LM5N99ko/fa/tudcnHzyaf/32rbV7J559PPn6/OWtvTfKxR+LvyW+DvZ6j6qcGyKglnEOAAAECrxcQIK8339FRKQECBM4rIEDOezcmI0CAwKkFBMipr8dwBAjMEtD3sYAAeWykggABAgQ+ERAgn6D4FgECBAg8FhAgj41U/ETAZwgQuLyAALn8FVuQAAECxwgIkGNcnUqAAIFZAi/rK0BeRq0RAQIEriWwTID89ddfb1d5rfAjlPz+NQnJa//c+rQ/D0k3f3veVtfO2NZtZzavpNslSdu6rmvm22qS1L+iqG5eFm79r/IqV55atkyATFXS/FYCliVAoBMQIJ2TKgIECBD4Q0CA/AHirwQIECDQCYwPkK6vKgIECBBYXECALH6BxidAgMAsAQEyS15fAuMFnEjgpQIC5KXcmhEgQOA6AgLkOndpEwIECLxUQID8D7c/EiBAgEAvcLkASfqnYJOxtT372Mqk36Pt3D7NO/q8rW97ZtLtPfq8JO2R9W9PaA/cfNpXe2aS6snx9rx2vq2uPXN0XdLtnIyvG73LzPMuFyAzMfUmQOCnAj63ooAAWfHWzEyAAIETCAiQE1yCEQgQILCigABZ8db+PbPvECBA4OUCAuTl5BoSIEDgGgIC5Br3aAsCBGYJ3LivALnx5VudAAECzwgIkGf0fJYAAQI3FhAgN778c6xuCgIEVhUQIKve3A/n3p7+bV5J9wRuO0bSnZekPbJ+yrvZd29NO2SS6invpKtr++6pa3dPuhmTvm7PnGrPJyBAzncnJiJAgMBLBJ5tIkCeFfR5AgQI3FRAgNz04q1NgACBZwUEyLOCPn9fAZsTuLmAALn5D4D1CRAg8FMBAfJTOZ8jQIDAzQUmBsjN5a1PgACBxQUEyOIXaHwCBAjMEhAgs+T1JTBRQGsCIwQEyAjFC57RPp3crt6et9W1Zyb9E8/JnNptn5GvpN9jtOPIPd7PamdUd04BAXLOezEVAQIETi8gQH5yRT5DgAABAm8CxA8BAQIECPxIQID8iM2HCBCYJKDtiQQEyIkuwygECBBYSUCArHRbZiVAgMCJBATIiS7jFaPoQYAAgVECAmSUpHMIECBwMwEBcrMLty4BArMErtdXgFzvTm1EgACBlwhcLkDef0XCjK8vubEbNEm6X9cx447fe46+hmT8zu2M7zs9+pp0MyZ9XTvj6LpHux75/uhdZp53uQCZian3oQIOJ0DgZAIC5GQXYhwCBAisIiBAVrkpcxIgQGCWwBd9BcgXML5NgAABAt8LCJDvfbxLgAABAl8ICJAvYHybwDgBJxG4poAAuea92ooAAQKHCwiQw4k1IECAwDUFVgiQa8rbigABAosLLBMgSf90a3Lu2hV+ZpLOsH1iN+nOS/I2+szWO5k34+idk/GO7Yyt9xF1SX+Hyblrj/AZfeYyATJ6cecRIFAIKCHwjYAA+QbHWwQIECDwtYAA+drGOwQIECDwjYAA+Qbn+becQIAAgesKCJDr3q3NCBAgcKiAADmU1+EECMwS0Pd4AQFyvLEOBAgQuKSAALnktVqKAAECxwsIkOON1+xgagIECDwQmBog7ZOtd617cHeneDvpnuY9xbAnHiIZ75iMPTPpztvz32t7JXvOvGNt6zi6bmqAjF7GeQQIELiAwDIrCJBlrsqgBAgQOJeAADnXfZiGAAECywgIkGWuyqCtgDoCBF4jIEBe46wLAQIELicgQC53pRYiQIDAawT+HSCv6asLAQIECCwuIEAWv0DjEyBAYJaAAJklry+Bfwv4DoGlBKYGSNI92ZqkRk3yllzj1S6958nbI87c07+pTbr7a87aao7YOZkzY7vLVrft3ry22pGvpLNJUrdNcrv/rmuciYVTA2Ti3loTIECAwJMClwqQJy18nAABAgR2CAiQHVhKCRAgQOC3gAD5beFPBAj8WMAH7yggQO5463YmQIDAAAEBMgDREQQIELijgAA5x62bggABAssJCJDlrszABAgQOIeAADnHPZiCAIFZAvr+WECA/JjOBwkQIHBvgakB0vyahfeapPtVBqOv873/jK9Jt3NyrbrRd9iel/SOo89sz1uhbs9/K7P2WWHGZPzP42jvqQEyehnnzRDQkwCBuwoIkLvevL0JECDwpIAAeRLQxwkQIDBLYHZfATL7BvQnQIDAogICZNGLMzYBAgRmCwiQ2Teg/zwBnQkQeEpAgDzF58MECBC4r4AAue/d25wAAQJPCTwRIE/19WECBAgQWFzgtgHSPoma9E+DJmNr2xn3/Ay2Z46u2zNjW5uM9W777qlbwbHdp92lPW+rS7o7bHu3dUnXN8lbe+a2T/NKut5t362u6XtEzW0D5AhMZxJ4lYA+BM4gIEDOcAtmIECAwIICAmTBSzMyAQIEziBwzwA5g7wZCBAgsLiAAFn8Ao1PgACBWQICZJa8vgTuKWDrCwkIkAtdplUIECDwSgEB8kptvQgQIHAhAQGy2GUalwABAmcRuFyAbE9lNq/2Apqz3mtGn9met0Ldu1Hztd2nOWtPTdt3T13SPXXcnnnEPu2ZSbdL0te1vVufI+qSbp+29wo7t7tcLkDaxdURIEBgn4DqPwUEyJ8i/k6AAAEClYAAqZgUESBAgMCfAgLkTxF/P0rAuQQIXExAgFzsQq1DgACBVwkIkFdJ60OAAIFZAgf1FSAHwTqWAAECVxcQIFe/YfsRIEDgIAEBchCsY68kYBcCBD4TmBogSfeEZ5K39unNpD8zeVz7Gdqz30se903ybJtPP5/kLXn969Nhvvjm6Lv+os1T325nbOuS199Jsq9nu8ueuqSb4anLetGH273bcZLOJkl75PC6qQEyfBsHEiBAgMDLBF4RIC9bRiMCBAgQeJ2AAHmdtU4ECBC4lIAAudR1WobAHwL+SuBAAQFyIK6jCRAgcGUBAXLl27UbAQIEDhQQIN/iepMAAQIEvhIQIF/J+D4BAgQIfCsgQL7l8SYBArME9D2/gAA5/x2ZkAABAqcUWCZAklS/gqNVHv1rB9q+W13bO+l2bs/bU7fN2bzaM5uz9ta0vZPxju2syfje7d7tjKPPS7qdk/G/omj0zptNe2bS7508rm37zqxbJkBmIi3Z29AECBA4WECAHAzseAIECFxVQIBc9WbtRYDALIHb9BUgt7lqixIgQGCsgAAZ6+k0AgQI3EZAgNzmqtdZ1KQECKwhIEDWuCdTEiBA4HQCAuR0V2IgAgQIzBLY11eA7PNSTYAAAQL/EZgaINtTnrNe/9n/4Zfk8ROjya+adpfkV33y/dfR5yV5uO9RBUmq3ySQjK9rd0rm9T5ixtE/P+2Mbd+tLunM297J2PPavkfUbT7t64j+zZlTA6QZUA2BhQSMSuBWAgLkVtdtWQIECIwTECDjLJ1EgACBWwmcKkBuJW9ZAgQILC4gQBa/QOMTIEBgloAAmSWvL4FTCRiGwH4BAbLfzCcIECBA4G8BAfI3gn8IECBAYL+AANlv9tknfI8AAQK3E5gaIEn31GiS+mKSVE88twe2T4JudUnXe6ttXleasd1lZl1zJ0fVtHvv6Z90P49t77Yu6fomaY8cXpek+v+JJMN7t3c4vPEBB04NkAP2cSQBAncTsO80AQEyjV5jAgQIrC0gQNa+P9MTIEBgmoAAmUZ/lsbmIECAwM8EBMjP3HyKAAECtxcQILf/EQBAgMAsgdX7CpDVb9D8BAgQmCQgQCbBa0uAAIHVBQTI6jd45/ntToDAVIGpAdI+kbnVjVZKUj+JmnS17YxJd14yvm6zbF7J2N5Nz/ea1vG9/tHX9rw9dUnns+fM0bWPXPa+P3q+Pee1s+45s61te7d1bd+k+xlL0h45vG5qgAzfxoEECBAg8AqBf3oIkH8Y/IsAAQIE9goIkL1i6gkQIEDgHwEB8g+DfxF4rYBuBK4gIECucIt2IECAwAQBATIBXUsCBAhcQWDNALmCvB0IECCwuIAAWfwCjU+AAIFZAgJklry+BNYUMDWB/woIkP9S+AMBAgQI7BGYGiBJ6l8n0i7V/jqBtq7tu9W1Z86sSzrzdsZt77O/2l2SzibJ2xFnJn3/ZFxte39J17O12VOXdL3bXY7onYydsd1lZt3UAJm5+Kze+hIgQOAqAgLkKjdpDwIECLxYQIC8GFw7AgRmCeg7WkCAjBZ1HgECBG4iIEBuctHWJECAwGgBATJa9Lrn2YwAAQIfBATIBw5/IUCAAIFWQIC0UuoIECAwS+CkfQXISS/GWAQIEDi7wNQAmfk0aNI9NTpzxrP/8KwyX9Ld9cx99vyctbWj92n7Jp130teN3iXpe7d7tzMmXe+271bX9h5dNzVARi/jPAKfC/guAQJHCAiQI1SdSYAAgRsICJAbXLIVCRAgcIRAEyBH9HUmAQIECCwuIEAWv0DjEyBAYJaAAJklry+BRkANgRMLCJATX47RCBAgcGYBAXLm2zEbAQIETixw8QA5sbzRCBAgsLjAbQNke3qzeR1xv03frSbpnlhN+rrt3OaVdGc2Z201exy3+ubVntmctdW05+2p285tXu2ZSXcvSdoj35JUr/bAZt/3mtFntuftqUvG+rS9k65vkvbI4XW3DZDhkg4kQOCDgL9cX0CAXP+ObUiAAIFDBATIIawOJUCAwPUFBMhZ79hcBAgQOLmAADn5BRmPAAECZxUQIGe9GXMRIDBLQN9SQICUUMoIECBA4KOAAPno4W8ECBAgUAoIkBJKWS+gkgCBewhMDZAk1ROwSd7en1wd9TXpeyddbTtb0p13xI9gMq/3EfuMPLO9v62u7ZuM9d56t692xva8pNsl6evaGVeoax2PqJvlMzVAZi2tLwECBK4p8NqtBMhrvXUjQIDAZQQEyGWuqO/jaQAACp9JREFU0iIECBB4rYAAea23bucWMB0BAjsEBMgOLKUECBAg8FtAgPy28CcCBAgQ2CEwNEB29FVKgAABAosLCJDFL9D4BAgQmCUgQGbJ60tgqIDDCLxeQIC83lxHAgQIXEJgmQBJul+P0N5K++sE2vO2uqSbcXTv9rytbptz5Cvpdh7Z8/2spOudzKvbzJvX+06Pvib9Lk3frSbpztxqZ72S68z46I7f30+6nZO8f+TlX5cJkINlHE+AAAECOwUEyE4w5QQIECDwS0CA/HLwbwIEZgnou6yAAFn26gxOgACBuQICZK6/7gQIEFhWQIAse3Xvg/tKgACBOQICZI67rgQIEFheQIAsf4UWIEBglsDd+wqQu/8E2J8AAQI/FFgmQNonYH/o8OXH2r5b3ZeH/PFGkrfk8euPjw356zZn82qbNWdtNe15W13y2CbJVlq9tv6jX1XjHUVJqp+JPXvsaF+VJt2MSV9XNf67qN076XsnY2tHz9iet9X9TTTln2UCZIqOpscKOJ0AgaUFBMjS12d4AgQIzBMQIPPsdSZAgMAsgSF9BcgQRocQIEDgfgIC5H53bmMCBAgMERAgQxgdcjcB+xIg8PYmQPwUECBAgMCPBATIj9h8iAABAgTmBAh3AgQIEFhe4LYBkqR68veIG96eHB35SrpdkhyxzvAzW5vRjZNUPxNJ3toZk+7MdpekOy/p69pd2hnb87a6pJtzdO/2vD11ydhd9vSeVXvbAJkFri+ByQLaExgmIECGUTqIAAEC9xIQIPe6b9sSIEBgmIAA2UmpnAABAgR+CQiQXw7+TYAAAQI7BQTITjDlBAjMEtD3bAIC5Gw3Yh4CBAgsIiBAFrkoYxIgQOBsAgLkbDdy3DxOJkCAwFABAfKAM+meLk3GP52cdL0frPDh7WT8mR8aDPhL0s24PcncvNqRmrPea5Juxrb3EXXvsz76mozdJenOS1KvnaT+LQHJ49q68d+Fj/yOej95vEfyq+bvMaf8I0CmsGtKgMCtBC66rAC56MVaiwABAkcLCJCjhZ1PgACBiwoIkIte7LXWsg0BAmcUECBnvBUzESBAYAEBAbLAJRmRAAECswS+6ytAvtPxHgECBAh8KSBAvqTxBgECBAh8JyBAvtPxHoFnBXyewIUFBMiFL9dqBAgQOFJgaoDs+RUAoxH29G5r2xnb89q6tu9Wd8SZ27mPXsmvX7mQPP66woyP9l3p/da7rduze3vm6Lo9M7a1yeOf7STtcUvUTQ2Qx0IqCBAgQOCsAgLkrDdjLgIECJxcQICc/IKMR2CWgL4EHgkIkEdC3idAgACBTwUEyKcsvkmAAAECjwQEyCOhn77vcwQIELi4gAC5+AVbjwABAkcJCJCjZJ1LgMAsAX1fJCBAXgStDQECBK4mMDVAkrwlXsnnBu0P256ndJPPeyUfv9/2Tj5+Lvn87+15W13y+RnJsd/f47jN2bz2nDm6tplvq0nGum5njn4l3Yyj+x5xXtLtsufn4Yg5mzOnBkgzoJrXC+hIgACBRkCANEpqCBAgQOBfAgLkXyS+QYAAgVkCa/UVIGvdl2kJECBwGgEBcpqrMAgBAgTWEhAga92Xab8X8C4BAi8UECAvxNaKAAECVxIQIFe6TbsQIEDghQIfAuSFfbUiQIAAgcUFlgmQPU9lnr129M9M0j3ZmuSttRk9Y9t3q2t7b7XNqz0v6R2PODPp+yePa9sZG8Otpj3viLqtf/M6onfy2DrJ8NZJ6t/UMbx5eeAyAVLuo4zAogLGJrCegABZ785MTIAAgVMICJBTXIMhCBAgsJ7AVQJkPXkTEyBAYHEBAbL4BRqfAAECswQEyCx5fQlcRcAetxUQILe9eosTIEDgOQEB8pyfTxMgQOC2AgJk+tUbgAABAmsKXC5Akv7pzWRs7Qo/Akm3c7tL83TwVtOet6cuGbvLnt7bTiNfe3q3tUnnk3R17b7tfFtd0vVOxtZtvUe/jvAZPePo8y4XIKOBnEeAwHUFbPacgAB5zs+nCRAgcFsBAXLbq7c4AQIEnhMQIM/53fvTtidA4NYCAuTW1295AgQI/FxAgPzczicJECAwS+AUfQXIKa7BEAQIEFhPQICsd2cmJkCAwCkEBMgprsEQrxbQjwCB5wUEyPOGTiBAgMAtBQTILa/93Eu3vxKirWu3bc/b6pKxv1pjO3P0a/Teo8/b9j3izO3cR6+271b36Kz397fa5vVe/+hrc9bsmp8FyOyp9SdAgACB6QICZPoVGIAAAQJrCgiQNe/N1PcVsDmB0wgIkNNchUEIECCwloAAWeu+TEuAAIHTCNwuQE4jbxACBAgsLiBAFr9A4xMgQGCWgACZJa8vgdsJWPhqAgLkajdqHwIECLxIQIC8CPosbR49/fr+fjtv0j2R3Z63py4Z2zvpzktSj/nu+ehre2CSt6R7tWe2dUnXN+nrZvV+dB//+37S7dPu0tb97wyP/tyeObpOgIwWPe48JxMgQOBUAgLkVNdhGAIECKwjIEDWuSuTEiAwS0DfTwUEyKcsvkmAAAECjwQEyCMh7xMgQIDApwIC5FMW3xwr4DQCBK4oIECueKt2IkCAwAsEBMgLkLUgQIDALIEj+wqQI3WdTYAAgQsLXC5AHj2xeeT7s35O9uyUjH2qtu19hM3o3u15e+pG731E76T7mWh7j955z3ntjEm3c5K30Wfu2efstZcLkLODm28xAeMSIPClgAD5ksYbBAgQIPCdgAD5Tsd7BAgQIPClwMEB8mVfbxAgQIDA4gICZPELND4BAgRmCQiQWfL6EjhYwPEEjhYQIEcLO58AAQIXFRAgF71YaxEgQOBoAQHylbDvEyBAgMC3AssESNI/OZqcu/bbG/nBm0m/b/tUbVv3g3GHfSTp9m4bJt15SV/X9j6iboU7bGds65Lubtrztrr2brba5pV0M7Z9Z9YtEyAzkfQmQOClApotIiBAFrkoYxIgQOBsAgLkbDdiHgIECCwiIEAWuag9Y6olQIDAKwQEyCuU9SBAgMAFBQTIBS/VSgQIzBK4V18Bcq/7ti0BAgSGCQiQYZQOIkCAwL0EBMi97vvs25qPAIGFBATIQpdlVAIECJxJYGqANI/937mm/UHZY9SeuULdnr1n1V7Jsd1lj3V7ZlvX9m7PO6LutDP+YNmpAfKDeX2EAAECBE4iIEBOchHGIECAwGoCAmS1GzPvSQWMReB+AgLkfnduYwIECAwRECBDGB1CgACB+wmcJUDuJ29jAgQILC4gQBa/QOMTIEBgloAAmSWvL4GzCJiDwA8FBMgP4XyMAAECdxcQIHf/CbA/AQIEfiggQH4I9/tj/kSAAIF7CgiQe967rQkQIPC0gAB5mtABBAjMEtB3roAAmeuvOwECBJYVECDLXp3BCRAgMFdAgMz1n9tddwIECDwhIECewPNRAgQI3FlAgNz59u1OgMAsgUv0FSCXuEZLECBA4PUCAuT15joSIEDgEgIC5BLXeL8lbEyAwHwBATL/DkxAgACBJQUEyJLXZmgCBAjMEvjdV4D8tvAnAgQIENghIEB2YCklQIAAgd8CAuS3hT8ReIWAHgQuIyBALnOVFiFAgMBrBQTIa711I0CAwGUElguQy8hbhAABAosL/D8AAAD//yjYXa0AAAAGSURBVAMAYIUtV7+f274AAAAASUVORK5CYII=\" alt=\"正常二维码.png\" data-href=\"\" style=\"\"></p><p style=\"text-indent: 2em; line-height: 2;\"><span style=\"font-size: 19px; font-family: 仿宋;\">如发现使用的iOS版本属于受影响范围，建议立即升级到手机可安装的最新iOS版本，或携带iPhone手机前往就近的苹果公司零售店、授权经销商及服务提供商等获取协助。</span></p><p style=\"text-indent: 2em; line-height: 2;\"><br></p><p style=\"text-indent: 2em; line-height: 2;\"><span style=\"font-size: 19px; font-family: 仿宋;\">相关阅读：</span></p><p style=\"text-indent: 2em; line-height: 2;\"><span style=\"font-size: 19px; font-family: 仿宋;\"> </span><a href=\"https://www.cnvdb.org.cn/announcement/2044355869064937474\" target=\"_blank\"><span style=\"font-size: 19px; font-family: 仿宋;\">苹果公司紧急提醒iPhone用户立即更新以防范网页攻击</span></a><span style=\"font-size: 19px; font-family: 仿宋;\"> </span></p><p style=\"text-indent: 2em; line-height: 2;\"><span style=\"font-size: 19px; font-family: 仿宋;\"> </span><a href=\"https://mp.weixin.qq.com/s/X3-aVy9u4lTHBAJ49FA-pg?scene=1\" target=\"_blank\"><span style=\"font-size: 19px; font-family: 仿宋;\">更新 iOS 以保护你的 iPhone 免受网页攻击</span></a><span style=\"font-size: 19px; font-family: 仿宋;\"> </span></p><p style=\"text-indent: 2em; line-height: 2;\"><span style=\"font-size: 19px; font-family: 仿宋;\"> </span><a href=\"https://www.cnvdb.org.cn/announcement/2040008092004438018\" target=\"_blank\"><span style=\"font-size: 19px; font-family: 仿宋;\">关于及时更新iOS特定版本 防范漏洞攻击利用的风险提示</span></a><span style=\"font-size: 19px; font-family: 仿宋;\"> </span></p>",
  "create_time": "2026-04-29T09:13:27.000+08:00",
  "origin": "工业和信息化部网络安全威胁和漏洞信息共享平台",
  "record_type": 1,
  "release_time_raw": "2026-04-28T00:00:00.000+08:00",
  "system_type": 2,
  "update_time": "2026-04-29T10:55:31.000+08:00"
}

{
  "click_number": 0,
  "content_html": "<p style=\"text-indent: 32pt; text-align: justify;\">针对最近发现的对过时版本iOS发起的攻击，4月15日苹果公司服务号“Apple”发布《更新iOS以保护你的iPhone免受网页攻击》安全公告（https://mp.weixin.qq.com/s/X3-aVy9u4lTHBAJ49FA-pg?scene=1&amp;click_id=82），提醒相关iPhone用户，2026年4月开始为更多设备提供iOS 18.7.7，建议用户及时采取以下措施，解决相关漏洞，阻断此类攻击：</p><p style=\"text-indent: 32pt; text-align: justify;\">一、根据提示升级到安全版本，或者安装关键性安全更新。</p><p style=\"text-indent: 32pt; text-align: justify;\">二、无法完成更新设备的用户，如果设备支持，可考虑启用锁定模式。</p><p style=\"text-indent: 32pt; text-align: justify;\">三、可通过苹果公司零售店、授权经销商及服务提供商等获取协助，开展软件版本检测与更新等安全性修复。</p><p style=\"text-indent: 32pt; text-align: justify;\"> </p><p style=\"text-indent: 32pt; text-align: justify;\"><br></p><p style=\"text-align: justify;\">相关阅读：</p><p style=\"text-align: justify;\"><a href=\"https://www.cnvdb.org.cn/announcement/2040008092004438018\" target=\"_blank\"><span style=\"font-family: 宋体;\"><u>关于及时更新iOS特定版本 防范漏洞攻击利用的风险提示</u></span></a></p>",
  "create_time": "2026-04-15T18:03:16.000+08:00",
  "origin": "工业和信息化部网络安全威胁和漏洞信息共享平台",
  "record_type": 1,
  "release_time_raw": "2026-04-15T00:00:00.000+08:00",
  "system_type": 2,
  "update_time": "2026-04-15T18:11:14.000+08:00"
}

{
  "click_number": 0,
  "content_html": "<p>啊手动阀</p>",
  "create_time": "2026-04-10T20:54:11.000+08:00",
  "origin": "案说法大",
  "record_type": 1,
  "release_time_raw": "2026-04-10T00:00:00.000+08:00",
  "system_type": 2,
  "update_time": "2026-04-11T10:49:12.000+08:00"
}

{
  "click_number": 0,
  "content_html": "<p style=\"text-indent: 32pt; text-align: start; line-height: 2;\">近日，工业和信息化部网络安全威胁和漏洞信息共享平台（NVDB）监测发现，有攻击者利用针对苹果公司终端产品的漏洞利用工具实施网络攻击活动，可导致信息窃取、系统受控等严重危害。影响范围包括运行iOS 13.0至17.2.1的iPhone、iPad等苹果公司终端产品。</p><p style=\"text-indent: 32pt; text-align: start; line-height: 2;\">攻击者通过短信、邮件或网页投毒等方式，诱导用户使用Safari浏览器访问包含恶意代码的网页，综合利用终端设备中存在的安全漏洞，向受害终端产品植入远程控制木马，窃取用户敏感信息，获取最高权限并控制。</p><p style=\"text-indent: 32pt; text-align: start; line-height: 2;\">建议使用苹果公司终端产品的用户做好风险排查，尽快通过升级版本和安装补丁等方式修复漏洞（可参考苹果公司安全更新公告：https://support.apple.com/zh-cn/100100）。留意系统更新通知和苹果公司发布的最新安全更新公告，及时升级最新安全版本，强化使用安全意识，避免点击不明链接，防范网络攻击风险。</p>",
  "create_time": "2026-04-03T18:06:45.000+08:00",
  "origin": "工业和信息化部网络安全威胁和漏洞信息共享平台",
  "record_type": 1,
  "release_time_raw": "2026-04-03T00:00:00.000+08:00",
  "system_type": 2,
  "update_time": "2026-04-03T18:11:55.000+08:00"
}

{
  "click_number": 0,
  "content_html": "<p style=\"text-indent: 32pt; line-height: 2;\"><span style=\"font-size: 19px; font-family: 宋体;\">近日，工业和信息化部网络安全威胁和漏洞信息共享平台（</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">NVDB</span><span style=\"font-size: 19px; font-family: 宋体;\">）监测发现，</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">Windows</span><span style=\"font-size: 19px; font-family: 宋体;\">远程桌面服务（</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">RDS</span><span style=\"font-size: 19px; font-family: 宋体;\">）存在权限提升高危漏洞，已被用于网络攻击。</span></p><p style=\"text-indent: 32pt; line-height: 2;\"><span style=\"font-size: 19px; font-family: 宋体;\">远程桌面服务（</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">RDS</span><span style=\"font-size: 19px; font-family: 宋体;\">）是</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">Windows</span><span style=\"font-size: 19px; font-family: 宋体;\">系统中提供远程访问、桌面虚拟化及会话管理的核心组件。该服务处理内部配置及相关注册表项权限时存在校验缺陷，攻击者在拥有用户权限或建立远程桌面会话的条件下，可构造特殊请求篡改服务启动配置，无需用户交互即可实现本地权限提升，获取系统最高权限，进而实施恶意操作，受影响的型号包括</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">Windows 10/11，Windows Server 2012/2016/2019/2022/2025</span><span style=\"font-size: 19px; font-family: 宋体;\">等。</span></p><p style=\"text-indent: 32pt; line-height: 2;\"><span style=\"font-size: 19px; font-family: 宋体;\">目前微软官方已修复漏洞并发布安全公告（</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">URL</span><span style=\"font-size: 19px; font-family: 宋体;\">链接：</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21533</span><span style=\"font-size: 19px; font-family: 宋体;\">）。建议相关单位和用户立即开展全面排查，及时升级</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">Windows</span><span style=\"font-size: 19px; font-family: 宋体;\">系统至最新安全版本，或参照官方公告安装补丁。针对无法及时更新的系统，可采取限制非必要远程桌面访问、开启多因素认证等加固措施，防范网络攻击风险。</span></p>",
  "create_time": "2026-03-19T15:47:10.000+08:00",
  "origin": "工业和信息化部网络安全威胁和漏洞信息共享平台",
  "record_type": 1,
  "release_time_raw": "2026-03-19T00:00:00.000+08:00",
  "system_type": 2,
  "update_time": "2026-04-10T14:42:34.000+08:00"
}

{
  "click_number": 0,
  "content_html": "<p style=\"text-indent: 32pt; line-height: 2;\"><span style=\"font-size: 19px; font-family: 宋体;\">近日，工业和信息化部网络安全威胁和漏洞信息共享平台（</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">NVDB</span><span style=\"font-size: 19px; font-family: 宋体;\">）监测发现，思科</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">Catalyst SD-WAN</span><span style=\"font-size: 19px; font-family: 宋体;\">管理软件存在多个漏洞，已被用于网络攻击。</span></p><p style=\"text-indent: 32pt; line-height: 2;\"><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: 宋体;\">思科</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: &quot;Times New Roman&quot;;\">Catalyst SD-WAN</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: 宋体;\">是思科公司推出的软件定义广域网解决方案，用于企业级广域网的部署、管理与优化。由于软件缺陷，存在权限提升、任意文件覆盖、认证绕过等漏洞，可被攻击者利用获取最高</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: &quot;Times New Roman&quot;;\">root</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: 宋体;\">权限，造成敏感信息泄露、系统受控等危害，</span><span style=\"font-size: 19px; font-family: 宋体;\">受影响版本包括：</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: &quot;Times New Roman&quot;;\">&lt;20.9</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: 宋体;\">系列</span><span style=\"font-size: 19px; font-family: 宋体;\">、</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">20.9</span><span style=\"font-size: 19px; font-family: 宋体;\">系列</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">&lt;20.9.8.2</span><span style=\"font-size: 19px; font-family: 宋体;\">、</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">20.11</span><span style=\"font-size: 19px; font-family: 宋体;\">系列、</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">20.12</span><span style=\"font-size: 19px; font-family: 宋体;\">系列</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">&lt;20.12.5.3/20.12.6.1、20.13</span><span style=\"font-size: 19px; font-family: 宋体;\">系列、</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">20.14</span><span style=\"font-size: 19px; font-family: 宋体;\">系列、</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">20.15</span><span style=\"font-size: 19px; font-family: 宋体;\">系列</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">&lt;20.15.4.2、20.16</span><span style=\"font-size: 19px; font-family: 宋体;\">系列、</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">20.18</span><span style=\"font-size: 19px; font-family: 宋体;\">系列</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">&lt;20.18.2.1</span><span style=\"font-size: 19px; font-family: 宋体;\">。</span></p><p style=\"text-indent: 32pt; line-height: 2;\"><span style=\"font-size: 19px; font-family: 宋体;\">目前，思科官方已修复上述漏洞并发布更新公告（</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">URL</span><span style=\"font-size: 19px; font-family: 宋体;\">链接：</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v、https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk</span><span style=\"font-size: 19px; font-family: 宋体;\">）。建议相关单位和用户立即开展隐患排查，及时升级至最新安全版本，防范网络攻击风险。</span></p>",
  "create_time": "2026-03-18T13:40:04.000+08:00",
  "origin": "工业和信息化部网络安全威胁和漏洞信息共享平台",
  "record_type": 1,
  "release_time_raw": "2026-03-18T00:00:00.000+08:00",
  "system_type": 2,
  "update_time": "2026-04-03T18:16:05.000+08:00"
}

{
  "click_number": 0,
  "content_html": "<p style=\"text-indent: 31.2pt; text-align: justify;\">针对“龙虾”典型应用场景下的安全风险，工业和信息化部网络安全威胁和漏洞信息共享平台（NVDB）组织智能体提供商、漏洞收集平台运营单位、网络安全企业等，研究提出“六要六不要”建议。</p><p style=\"text-indent: 32pt; text-align: justify;\"><span style=\"font-family: 黑体;\">一、典型应用场景安全风险</span></p><p style=\"text-indent: 32pt; text-align: justify;\"><strong>（一）智能办公场景主要存在供应链攻击和企业内网渗透的突出风险</strong></p><p style=\"text-indent: 32.15pt; text-align: justify;\"><strong>1．场景描述：</strong>通过在企业内部部署“龙虾”，对接企业已有管理系统，实现智能化数据分析、文档处理、行政管理、财务辅助和知识管理等。</p><p style=\"text-indent: 32.15pt; text-align: justify;\"><strong>2．安全风险：</strong>引入异常插件、“技能包”等引发供应链攻击；网络安全风险在内网横向扩散，引发已对接的系统平台、数据库等敏感信息泄露或丢失；缺乏审计和追溯机制情况下易引发合规风险。</p><p style=\"text-indent: 32.15pt; text-align: justify;\"><strong>3．应对策略：</strong>独立网段部署，与关键生产环境隔离运行，禁止在内部网络使用未审批的“龙虾”智能体终端；部署前进行充分安全测试，部署时采取最小化权限授予，禁止非必要的跨网段、跨设备、跨系统访问；留存完整操作和运行日志，确保满足审计等合规要求。</p><p style=\"text-indent: 32pt; text-align: justify;\"><strong>（二）开发运维场景主要存在系统设备敏感信息泄露和被劫持控制的突出风险</strong></p><p style=\"text-indent: 32.15pt; text-align: justify;\"><strong>1．场景描述：</strong>通过企业或个人部署“龙虾”，将自然语言转化为可执行指令，辅助进行代码编写、代码运行、设备巡检、配置备份、系统监控、管理进程等。</p><p style=\"text-indent: 32.15pt; text-align: justify;\"><strong>2．安全风险：</strong>非授权执行系统命令，设备遭网络攻击劫持；系统账号和端口信息暴露，遭受外部攻击或口令爆破；网络拓扑、账户口令、API接口等敏感信息泄露。</p><p style=\"text-indent: 32.15pt; text-align: justify;\"><strong>3．应对策略：</strong>避免生产环境直接部署使用，优先在虚拟机或沙箱中运行；部署前进行充分安全测试，部署时采取最小化权限授予，禁止授予管理员权限；建立高危命令黑名单，重要操作启用人工审批机制。</p><p style=\"text-indent: 32pt; text-align: justify;\"><strong>（三）个人助手场景主要存在个人信息被窃和敏感信息泄露的突出风险</strong></p><p style=\"text-indent: 32.15pt; text-align: justify;\"><strong>1．场景描述：</strong>通过个人即时通讯软件等远程接入本地化部署的“龙虾”，提供个人信息管理、日常事务处理、数字资产整理等，并可作为知识学习和生活娱乐助手。</p><p style=\"text-indent: 32.15pt; text-align: justify;\"><strong>2．安全风险：</strong>权限过高导致恶意读写、删除任意文件；互联网接入情况下遭受网络攻击入侵；通过提示词注入误执行危险命令，甚至接管智能体；明文存储密钥等导致个人信息泄露或被窃取。</p><p style=\"text-indent: 32.15pt; text-align: justify;\"><strong>3．应对策略：</strong>加强权限管理，仅允许访问必要目录，禁止访问敏感目录；优先通过加密通道接入，禁止非必要互联网访问，禁止高危操作指令或增加二次确认；严格通过加密方式存储API密钥、配置文件、个人重要信息等。</p><p style=\"text-indent: 32pt; text-align: justify;\"><strong>（四）金融交易场景主要存在引发错误交易甚至账户被接管的突出风险</strong></p><p style=\"text-indent: 32.15pt; text-align: justify;\"><strong>1．场景描述：</strong>通过企业或个人部署“龙虾”，调用金融相关应用接口，进行自动化交易与风险控制，提高量化交易、智能投研及资产组合管理效率，实现市场数据抓取、策略分析、交易指令执行等功能。</p><p style=\"text-indent: 32.15pt; text-align: justify;\"><strong>2．安全风险：</strong>记忆投毒导致错误交易，身份认证绕过导致账户被非法接管；引入包含恶意代码的插件导致交易凭证被窃取；极端情况下因缺乏熔断或应急机制，导致智能体失控频繁下单等风险。</p><p style=\"text-indent: 32.15pt; text-align: justify;\"><strong>3．应对策略：</strong>实施网络隔离与最小权限，关闭非必要互联网端口；建立人工复核和熔断应急机制，关键操作增加二次确认；强化供应链审核，使用官方组件并定期修复漏洞；落实全链路审计与安全监测，及时发现并处置安全风险。</p><p style=\"text-indent: 32pt; text-align: justify;\"><span style=\"font-family: 黑体;\">二、安全使用建议</span></p><p style=\"text-indent: 32pt; text-align: justify;\"><strong>（一）使用官方最新版本。</strong><span style=\"font-family: 黑体;\">要</span>从官方渠道下载最新稳定版本，并开启自动更新提醒；在升级前备份数据，升级后重启服务并验证补丁是否生效。<span style=\"font-family: 黑体;\">不要</span>使用第三方镜像版本或历史版本。</p><p style=\"text-indent: 32pt; text-align: justify;\"><strong>（二）严格控制互联网暴露面。</strong><span style=\"font-family: 黑体;\">要</span>定期自查是否存在互联网暴露情况，一旦发现立即下线整改。<span style=\"font-family: 黑体;\">不要</span>将“龙虾”智能体实例暴露到互联网，确需互联网访问的可以使用SSH等加密通道，并限制访问源地址，使用强密码或证书、硬件密钥等认证方式。</p><p style=\"text-indent: 32pt; text-align: justify;\"><strong>（三）坚持最小权限原则。</strong><span style=\"font-family: 黑体;\">要</span>根据业务需要授予完成任务必需的最小权限，对删除文件、发送数据、修改系统配置等重要操作进行二次确认或人工审批。优先考虑在容器或虚拟机中隔离运行，形成独立的权限区域。<span style=\"font-family: 黑体;\">不要</span>在部署时使用管理员权限账号。</p><p style=\"text-indent: 32pt; text-align: justify;\"><strong>（四）谨慎使用技能市场。</strong><span style=\"font-family: 黑体;\">要</span>审慎下载ClawHub“技能包”，并在安装前审查技能包代码。<span style=\"font-family: 黑体;\">不要</span>使用要求“下载ZIP”、“执行shell脚本”或“输入密码”的技能包。</p><p style=\"text-indent: 32pt; text-align: justify;\"><strong>（五）防范社会工程学攻击和浏览器劫持。</strong><span style=\"font-family: 黑体;\">要</span>使用浏览器沙箱、网页过滤器等扩展阻止可疑脚本，启用日志审计功能，遇到可疑行为立即断开网关并重置密码。<span style=\"font-family: 黑体;\">不要</span>浏览来历不明的网站、点击陌生的网页链接、读取不可信文档。</p><p style=\"text-indent: 32pt; text-align: justify;\"><strong>（六）建立长效防护机制。</strong><span style=\"font-family: 黑体;\">要</span>定期检查并修补漏洞，及时关注OpenClaw官方安全公告、工业和信息化部网络安全威胁和漏洞信息共享平台等漏洞库的风险预警。党政机关、企事业单位和个人用户可以结合网络安全防护工具、主流杀毒软件进行实时防护，及时处置可能存在的安全风险。<span style=\"font-family: 黑体;\">不要</span>禁用详细日志审计功能。</p><p style=\"text-indent: 32pt; text-align: justify;\"> </p><p style=\"text-align: justify;\"><span style=\"font-family: 黑体;\">附录：部分安全基线及配置参考</span></p><p style=\"text-indent: 32pt; text-align: justify;\"><strong> </strong></p><p style=\"text-indent: 32pt; text-align: justify;\"><span style=\"font-family: 黑体;\">一、智能体部署</span></p><p style=\"text-indent: 32pt; text-align: justify;\">创建OpenClaw专有用户，切勿使用sudo组：</p><p style=\"text-indent: 32pt; text-align: justify;\">sudo adduser --shell /bin/rbash --disabled-password clawuser</p><p style=\"text-indent: 32pt; text-align: justify;\">通过创建的专有用户登录操作系统。</p><p style=\"text-indent: 32pt; text-align: justify;\">创建受限的命令目录，禁止rm、mv、dd、format、powershell等：</p><p style=\"text-indent: 32pt; text-align: justify;\">sudo mkdir -p /home/clawuser/bin</p><p style=\"text-indent: 32pt; text-align: justify;\">sudo ln -s /bin/ls /home/clawuser/bin/ls</p><p style=\"text-indent: 32pt; text-align: justify;\">sudo ln -s /bin/echo /home/clawuser/bin/echo</p><p style=\"text-indent: 32pt; text-align: justify;\">强制设置 PATH 并只读，如在 /etc/profile.d/restricted_clawuser.sh修改配置：</p><p style=\"text-indent: 32pt; text-align: justify;\">echo 'if [ \"$USER\" = \"clawuser\" ]; then export PATH=/home/clawuser/bin; readonly PATH; fi' | sudo tee /etc/profile.d/restricted_clawuser.sh</p><p style=\"text-indent: 32pt; text-align: justify;\">sudo chmod 644 /etc/profile.d/restricted_clawuser.sh</p><p style=\"text-indent: 32pt; text-align: justify;\">禁用root登录：</p><p style=\"text-indent: 32pt; text-align: justify;\">sudo sed -i 's/^#\\?PermitRootLogin.*/PermitRootLogin no/' /etc/ssh/sshd_config</p><p style=\"text-indent: 32pt; text-align: justify;\">sudo systemctl restart sshd</p><p style=\"text-indent: 32pt; text-align: justify;\"><span style=\"font-family: 黑体;\">二、限制互联网访问</span></p><p style=\"text-indent: 32pt; text-align: justify;\"><strong>（一）Linux服务器配置</strong></p><p style=\"text-indent: 32pt; text-align: justify;\">创建自定义链：</p><p style=\"text-indent: 32pt; text-align: justify;\">sudo iptables -N ALLOWED_IPS</p><p style=\"text-indent: 32pt; text-align: justify;\">添加允许的IP（IP地址为示例，操作时需替换为实际IP地址）：</p><p style=\"text-indent: 32pt; text-align: justify;\">sudo iptables -A ALLOWED_IPS -s 192.168.1.100 -j ACCEPT</p><p style=\"text-indent: 32pt; text-align: justify;\">sudo iptables -A ALLOWED_IPS -s 10.0.0.5 -j ACCEPT</p><p style=\"text-indent: 32pt; text-align: justify;\">sudo iptables -A ALLOWED_IPS -s 172.24.57.160 -j ACCEPT</p><p style=\"text-indent: 32pt; text-align: justify;\">sudo iptables -A ALLOWED_IPS -j RETURN</p><p style=\"text-indent: 32pt; text-align: justify;\">应用到SSH端口：</p><p style=\"text-indent: 32pt; text-align: justify;\">sudo iptables -A INPUT -p tcp --dport 22 -j ALLOWED_IPS</p><p style=\"text-indent: 32pt; text-align: justify;\">sudo iptables -A INPUT -p tcp --dport 17477 -j ALLOWED_IPS</p><p style=\"text-indent: 32pt; text-align: justify;\">此外，可参考上述命令关闭以下端口互联网访问或设置IP地址白名单：Telnet（23）、Windows文件共享（135、137、138、139、445）、Windows远程桌面（3389）、远程桌面控制（5900-5910）、数据库类端口（3306、5432、6379、27017）。</p><p style=\"text-indent: 32pt; text-align: justify;\"><strong>（二）VPN接入的情况下配置</strong></p><p style=\"text-indent: 32pt; text-align: justify;\">将OpenClaw Gateway绑定127.0.0.1，切勿直接绑定到0.0.0.0。</p><p style=\"text-indent: 32pt; text-align: justify;\">关闭18789端口：</p><p style=\"text-indent: 32pt; text-align: justify;\">sudo ufw deny 18789</p><p style=\"text-indent: 32pt; text-align: justify;\">远程访问时强制使用VPN并启用Gateway认证（在openclaw.json中设置gateway.auth.mode: \"token\"及强令牌）。</p><p style=\"text-indent: 32pt; text-align: justify;\"><span style=\"font-family: 黑体;\">三、开启详细日志</span></p><p style=\"text-indent: 32pt; text-align: justify;\">开启日志记录：</p><p style=\"text-indent: 32pt; text-align: justify;\">openclaw gateway --log-level debug &gt;&gt; /var/log/openclaw.log 2&gt;&amp;1</p><p style=\"text-indent: 32pt; text-align: justify;\"><span style=\"font-family: 黑体;\">四、文件系统访问控制</span></p><p style=\"text-indent: 32pt; text-align: justify;\">在Docker部署配置文件(docker-compose.yml)中，利用volumes参数将系统关键目录挂载为:ro（只读）模式，仅保留特定的/workspace为可写状态。</p><p style=\"text-indent: 32pt; text-align: justify;\">在宿主机系统层，通过chmod 700指令对私密数据目录实施强制访问控制：</p><p style=\"text-indent: 32pt; text-align: justify;\">sudo chmod 700 /path/to/your/workspace</p><p style=\"text-indent: 32pt; text-align: justify;\"><span style=\"font-family: 黑体;\">五、第三方技能审查</span></p><p style=\"text-indent: 32pt; text-align: justify;\">安装前执行技能审查命令：</p><p style=\"text-indent: 32pt; text-align: justify;\">openclaw skills info &lt;skill&gt;</p><p style=\"text-indent: 32pt; text-align: justify;\">并审查~/.openclaw/skills/&lt;skill&gt;/SKILL.md文件，确认无恶意指令（如curl、bash）。</p><p style=\"text-indent: 32pt; text-align: justify;\">优先选用内置55个Skill或社区精选列表（如awesome-openclaw-skills）。</p><p style=\"text-indent: 32pt; text-align: justify;\"><span style=\"font-family: 黑体;\">六、安全自检</span></p><p style=\"text-indent: 32pt; text-align: justify;\">定期运行安全审计命令：</p><p style=\"text-indent: 32pt; text-align: justify;\">openclaw security audit</p><p style=\"text-indent: 32pt; text-align: justify;\">针对审计发现的安全隐患，如网关认证暴露、浏览器控制暴露等，及时按照上述安全基线及配置参考、官方手册等进行处置。</p><p style=\"text-indent: 32pt; text-align: justify;\"><span style=\"font-family: 黑体;\">七、更新版本</span></p><p style=\"text-indent: 32pt; text-align: justify;\">运行版本更新命令：</p><p style=\"text-indent: 32pt; text-align: justify;\">openclaw update</p><p style=\"text-indent: 32pt; text-align: justify;\"><span style=\"font-family: 黑体;\">八、卸载</span></p><p style=\"text-indent: 32pt; text-align: justify;\">打开终端，执行删除命令：</p><p style=\"text-indent: 32pt; text-align: justify;\">openclaw uninstall</p><p style=\"text-indent: 32pt; text-align: justify;\">使用鼠标上下移动光标，按空格键勾选所有选项，然后按回车键确认。</p><p style=\"text-indent: 32pt; text-align: justify;\">选择yes并按回车，此命令会自动删除OpenClaw的工作目录。</p><p style=\"text-indent: 32pt; text-align: justify;\">卸载npm包：</p><p style=\"text-indent: 32pt; text-align: justify;\">1. 使用npm安装openclaw对应卸载命令：</p><p style=\"text-indent: 32pt; text-align: justify;\">npm rm -g openclaw</p><p style=\"text-indent: 32pt; text-align: justify;\">2. 如果使用pnpm安装openclaw对应卸载命令：</p><p style=\"text-indent: 32pt; text-align: justify;\">pnpm remove -g openclaw</p><p style=\"text-indent: 32pt; text-align: justify;\">3. 如果使用bun安装openclaw对应卸载命令：</p><p style=\"text-indent: 32pt; text-align: justify;\">bun remove -g openclaw</p>",
  "create_time": "2026-03-11T18:56:22.000+08:00",
  "origin": "工业和信息化部网络安全威胁和漏洞信息共享平台",
  "record_type": 1,
  "release_time_raw": "2026-03-11T00:00:00.000+08:00",
  "system_type": 2,
  "update_time": "2026-03-11T18:58:29.000+08:00"
}

{
  "click_number": 0,
  "content_html": "<p style=\"text-indent: 32pt; line-height: 2;\"><span style=\"font-size: 19px; font-family: 宋体;\">近日，工业和信息化部网络安全威胁和漏洞信息共享平台（</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">NVDB</span><span style=\"font-size: 19px; font-family: 宋体;\">）监测发现，开源应用框架</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">Apache Struts2</span><span style=\"font-size: 19px; font-family: 宋体;\">存在</span><span style=\"font-size: 19px; font-family: &quot;Times New Roman&quot;;\">XML</span><span style=\"font-size: 19px; font-family: 宋体;\">外部实体注入漏洞。</span></p><p style=\"text-indent: 32pt; line-height: 2;\"><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: &quot;Times New Roman&quot;;\">Apache Struts2</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: 宋体;\">是一款开源的</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: &quot;Times New Roman&quot;;\">Java Web</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: 宋体;\">应用程序开发框架，广泛用于创建企业级</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: &quot;Times New Roman&quot;;\">Web</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: 宋体;\">应用程序。其</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: &quot;Times New Roman&quot;;\">XWork</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: 宋体;\">组件在解析</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: &quot;Times New Roman&quot;;\">XML</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: 宋体;\">配置文件时，未对外部实体进行充分校验与限制，可被攻击者恶意利用造成服务器端请求伪造、数据泄露、拒绝服务等危害。受影响的</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: &quot;Times New Roman&quot;;\">Apache Struts2</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: 宋体;\">版本包括：</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: &quot;Times New Roman&quot;;\">2.0.0≤Ver≤2.3.37、2.5.0≤Ver≤2.5.33</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: 宋体;\">、</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: &quot;Times New Roman&quot;;\">6.0.0≤Ver≤6.1.0</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: 宋体;\">。</span></p><p style=\"text-indent: 32pt; line-height: 2;\"><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: 宋体;\">目前，</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: &quot;Times New Roman&quot;;\">Apache</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: 宋体;\">官方已修复该漏洞并发布更新公告（</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: &quot;Times New Roman&quot;;\">URL</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: 宋体;\">链接：</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: &quot;Times New Roman&quot;;\">https://cwiki.apache.org/confluence/display/WW/S2-069</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: 宋体;\">）。</span><span style=\"font-size: 19px; font-family: 宋体;\">建议相关单位和用户立即开展隐患排查，及时升级至最新安全版本，</span><span style=\"color: rgb(0, 0, 0); font-size: 19px; font-family: 宋体;\">或通过配置禁用外部实体等临时措施</span><span style=\"font-size: 19px; font-family: 宋体;\">防范网络攻击风险。</span></p>",
  "create_time": "2026-02-06T14:48:59.000+08:00",
  "origin": "工业和信息化部网络安全威胁和漏洞信息共享平台",
  "record_type": 1,
  "release_time_raw": "2026-02-06T00:00:00.000+08:00",
  "system_type": 2,
  "update_time": "2026-04-10T14:46:01.000+08:00"
}