安全ID : QSA-25-20
Vulnerability in HybridDesk Station
发布日期 : August 29, 2025
通用漏洞披露 : CVE-2025-44015
受影响产品: HybridDesk Station 4.2.x
严重程度
Moderate
状态
已解决
Summary
A command injection vulnerability has been reported to affect HybridDesk Station. If an attacker gains local network access, they can then exploit the vulnerability to execute arbitrary commands.
We have already fixed the vulnerability in the following version:
| Affected Product | Fixed Version |
| HybridDesk Station 4.2.x | HybridDesk Station 4.2.18 and later |
Recommendation
To fix the vulnerability, we recommend updating HybridDesk Station to the latest version.
Updating HybridDesk Station
- Log on to QTS or QuTS hero as an administrator.
- Open App Center and then click
.
A search box appears. - Type "HybridDesk Station" and then press ENTER.
HybridDesk Station appears in the search results. - Click Update.
A confirmation message appears.
Note: The Update button is not available if your HybridDesk Station is already up to date. - Click OK.
The system updates the application.
附件
致谢: Dohwan Kim, Junwoo Kwon (neko_hat, wnsdn1583 from Chung-Ang Univ.)
修订历史:
V1.0 (August 29, 2025) - Published
