← voltar
CVE-2025-2305

Local file inclusion vulnerability in LIVE CONTRACT

CVSS 8.6 HIGHEPSS 0.3%CWE-20
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 8.6EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
16 mai 2025Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A Path traversal vulnerability in the file download functionality was identified. This vulnerability allows unauthenticated users to download arbitrary files, in the context of the application server, from the Linux server.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N