CVE-2025-0401 | 1902756969 reggie 1.0 CommonController.java download name path traversal

Posted by Angelo Barbosa | Jan 12, 2025 | CVE

A vulnerability classified as critical has been found in 1902756969 reggie 1.0. Affected is the function download of the file src/main/java/com/itheima/reggie/controller/CommonController.java. The manipulation of the argument name leads to path traversal.

This vulnerability is traded as CVE-2025-0401. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2025-0401 | 1902756969 reggie 1.0 CommonController.java download name path traversal

Related Posts

CVE-2024-25443 | Hugin 2022.0.0 Image linkWith use after free

CVE-2024-4818 | Campcodes Online Laundry Management System 1.0 /index.php page file inclusion

CVE-2024-2413 | Intumit SmartRobot up to 6.1.2-202212tw hard-coded key

CVE-2024-53157 | Linux Kernel up to 6.12.1 arm_scpi null pointer dereference