exploitDog

CVE-2025-41723

Опубликовано: 22 окт. 2025

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated remote attacker bypass the path restriction and upload files to arbitrary locations.

Ссылки

https://sauter.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-060.json

EPSS

Процентиль: 33%

0.00135

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-35

Связанные уязвимости

GHSA-gw24-5v6p-pvvv

CVSS3: 9.8

github

6 месяцев назад

The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated remote attacker bypass the path restriction and upload files to arbitrary locations.

EPSS

Процентиль: 33%

0.00135

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-35