CVE-2025-9795 in tianti 天梯정보

요약

\~에 의해 MITRE • 2025. 09. 02.

A vulnerability has been found in xujeff tianti 天梯 up to 2.3. The impacted element is the function ajaxUploadFile of the file src/main/java/com/jeff/tianti/controller/UploadController.java. The manipulation of the argument upfile leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

책임이 있는

VulDB

공개

2025. 09. 02.

모더레이션

수락

항목

VDB-322110

CPE

준비됨

CWE

CWE-434 (확인됨)

익스플로잇

다운로드

CVSS

5.4 (NVD)

EPSS

0.00050

KEV

아니요

활동

매우 낮음

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-9795
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-9795
CVE Details	https://www.cvedetails.com/cve/CVE-2025-9795/

◂ 이전 개요 다음 ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!