CVE-2025-8343 | openviglet shio up to 0.3.8 ShStaticFileAPI.java shStaticFilePreUpload fileName path traversal (Issue 1028)

Inserito da Angelo Barbosa | Lug 30, 2025 | CVE

A vulnerability was found in openviglet shio up to 0.3.8. It has been rated as critical. This issue affects the function shStaticFilePreUpload of the file shio-app/src/main/java/com/viglet/shio/api/staticfile/ShStaticFileAPI.java. The manipulation of the argument fileName leads to path traversal.

The identification of this vulnerability is CVE-2025-8343. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-8343 | openviglet shio up to 0.3.8 ShStaticFileAPI.java shStaticFilePreUpload fileName path traversal (Issue 1028)

Post correlati

CVE-2023-52208 | Constant Contact Forms Plugin up to 2.4.2 on WordPress information disclosure

CVE-2023-25574 | jupyterhub ltiauthenticator 1.3.0 LTI13Authenticator signature verification

CVE-2024-35151 | IBM OpenPages with Watson 8.3/9.0 API authentication bypass

CVE-2024-11111 | Google Chrome up to 130.0.6723.116 Autofill ui layer