CVE-2025-7877 | Metasoft 美特软件 MetaCRM up to 6.4.2 sendfile.jsp File unrestricted upload

Inserito da Angelo Barbosa | Lug 19, 2025 | CVE

A vulnerability, which was classified as critical, has been found in Metasoft 美特软件 MetaCRM up to 6.4.2. This issue affects some unknown processing of the file sendfile.jsp. The manipulation of the argument File leads to unrestricted upload.

The identification of this vulnerability is CVE-2025-7877. The attack may be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-7877 | Metasoft 美特软件 MetaCRM up to 6.4.2 sendfile.jsp File unrestricted upload

Post correlati

CVE-2024-42057 | Zyxel ATP/USG FLEX/USG FLEX 50(W)/USG20(W)-VPN up to 5.38 IPSec VPN username os command injection

CVE-2024-50350 | LibreNMS up to 24.9.x Port Settings Page name cross site scripting

CVE-2024-8752 | Smart HMI WebIQ 2.15.19 path traversal

CVE-2024-54175 | IBM MQ 9.3/9.4 unusual condition