← back
CVE-2025-2239

Absolute Path Disclosure Vulnerability in Hillstone Next Generation FireWall

CVSS 5.3 MEDIUMEPSS 0.3%CWE-209
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.3EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
12 Mar 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Generation of Error Message Containing Sensitive Information vulnerability in Hillstone Networks Hillstone Next Generation FireWall.This issue affects Hillstone Next Generation FireWall: from 5.5R8P1 before 5.5R8P23.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected products
Hillstone Networks · Hillstone Next Generation FireWall

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.hillstonenet.com.cn/security-notification/2025/02/17/stoneosjd/