CVE-2025-0225 | Tsinghua Unigroup Electronic Archives System 3.2.210802(62532) exampleDownload.html name path traversal

Inserito da Angelo Barbosa | Gen 4, 2025 | CVE

A vulnerability classified as problematic was found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). Affected by this vulnerability is an unknown functionality of the file /setting/ClassFy/exampleDownload.html. The manipulation of the argument name leads to path traversal: ‘/../filedir’.

This vulnerability is known as CVE-2025-0225. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2025-0225 | Tsinghua Unigroup Electronic Archives System 3.2.210802(62532) exampleDownload.html name path traversal

Post correlati

CVE-2024-44411 | D-Link DI-8300 16.07.26A1 msp_info_htm command injection

CVE-2024-0560 | upstream insufficient permissions or privileges

CVE-2024-24486 | Silex DS-600 1.4.1 Setting access control

CVE-2017-15832 | Qualcomm Snapdragon Mobile MDM9206/MDM9607/SD 835/SD 845/SD 850 WLAN Host Driver input validation