CVE-2025-11337 in Water Conservancy Informatization Platforminfo

Zusammenfassung

von MITRE • 06.10.2025

A vulnerability was detected in Four-Faith Water Conservancy Informatization Platform up to 2.2. This affects an unknown part of the file /aloneReport/index.do/../../aloneReport/download.do;othersusrlogout.do. Performing manipulation of the argument fileName results in path traversal. It is possible to initiate the attack remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

VulDB

Veröffentlichung

06.10.2025

Moderieren

akzeptiert

Eintrag

VDB-327220

CPE

bereit

CWE

CWE-22 (bestätigt)

Exploit

Download

CVSS

5.3 (VulDB)

EPSS

0.00071

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-11337
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-11337
CVE Details	https://www.cvedetails.com/cve/CVE-2025-11337/

◂ Zurück Übersicht Weiter ▸

Want to know what is going to be exploited?

We predict KEV entries!