CVE-2025-0645
Arbitrary File Upload in Narkom Communication Technologies' Pyxis Signage
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 7.2EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
20 nov 2025Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Unrestricted Upload of File with Dangerous Type vulnerability in Narkom Communication and Software Technologies Trade Ltd. Co. Pyxis Signage allows Accessing Functionality Not Properly Constrained by ACLs.
This issue affects Pyxis Signage: through 31012025.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H